last executing test programs:

8.359385116s ago: executing program 1 (id=666):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffffd}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x69}]}, &(0x7f0000000100)='GPL\x00', 0x10001, 0x20, &(0x7f0000000140)=""/32, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0xe, 0xdd42, 0x8}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1], &(0x7f0000000240)=[{0x4, 0x4, 0xe, 0x1}, {0x0, 0x4, 0x0, 0x7}, {0x2, 0x3, 0x6, 0x6}, {0x2, 0x2, 0x9, 0x5}, {0x2, 0x4, 0xf, 0x5}]}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='ext4_nfs_commit_metadata\x00', r0}, 0x10)
syz_open_dev$vim2m(&(0x7f00000003c0), 0x6b, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x52, 0xe7, &(0x7f0000000400)="412ae5b59c19c648d57752700af33e9e63af7d3807d4949a124845ff25cff8275b87ef6268cba4c553fa5a8dd05e8ab91f6d6678300199f92dbdae25bed682889198f42897a31c16fc87b32d170026a558e7", &(0x7f0000000480)=""/231, 0x3, 0x0, 0x53, 0xa0, &(0x7f0000000580)="9b9dcc380b21ea5f3fb96aecb3a5dd598d2a17347f78423c760547b9d8b3501f5ae4ea42c708524fedcb49fb07b4de1496a75a0b8cdac2327bb3b9e3308928752e773179733336154e728d86ee47562fc1781e", &(0x7f0000000600)="dfd71f523d536cb7242c5a3b18185fea437d6a8218619b93936775f27a332c28071af43dc6f694f05e093887368ef072b5be1aa63b60beecf4c5afb80f1b447f0c4463ed0f9f4e832fa69f0c5c78ca460ffcbf4d16ec944c2ad2960311aa0fac42d6df6028f856dfeb0b11e1df399eac764a934c206f409205f235e61b22b540de4b178765fc2732ed9eb5f4cd972b8afc50d0f786a113f6781ca1bae896bc72", 0x2, 0x0, 0x8}, 0x4c)
r1 = syz_open_dev$vivid(&(0x7f0000000740), 0x0, 0x2)
ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc04c5609, &(0x7f0000000780)={0x8, 0x6, 0x4, 0x7a073, 0x200, {0x0, 0x2710}, {0x0, 0x1, 0x6, 0xff, 0x3, 0x4, "ccc3670c"}, 0x3, 0x4, {}, 0x8001})
r2 = openat$vcsu(0xffffff9c, &(0x7f0000000800), 0x14000, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000840)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000880)=@v1={0x0, @aes128, 0x0, @desc4})
r4 = socket$pptp(0x18, 0x1, 0x2)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, &(0x7f00000008c0)=0x80, 0x4)
fcntl$notify(r3, 0x402, 0x9)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000900)={0x1, 'ip6gre0\x00', {}, 0x8})
ioctl$VT_GETSTATE(r3, 0x5603, &(0x7f0000000940)={0x4db, 0x9})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xe, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xef8b}, [@map_fd={0x18, 0x4, 0x1, 0x0, r3}, @alu={0x7, 0x0, 0xd, 0x4, 0x8, 0xffffffffffffffe0}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x3}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x40}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}]}, &(0x7f0000000a40)='GPL\x00', 0x4bce, 0x4d, &(0x7f0000000a80)=""/77, 0x41100, 0x20, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000b00)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000b40)={0x0, 0xf, 0x5, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b80)=[r3, r3, r3, r3, r2, r2, r2, r3, r3], 0x0, 0x10, 0x7ff}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c80)={&(0x7f0000000980)='ext4_ext_rm_leaf\x00', r5}, 0x10)
r7 = openat$vcsa(0xffffff9c, &(0x7f0000000cc0), 0x2000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000d40)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d00), 0x13f, 0x6}}, 0x20)
openat$rdma_cm(0xffffff9c, &(0x7f0000000d80), 0x2, 0x0)
r8 = accept4$inet(r2, &(0x7f0000000dc0)={0x2, 0x0, @multicast1}, &(0x7f0000000e00)=0x10, 0x80000)
sendmmsg$sock(r8, &(0x7f00000015c0)=[{{&(0x7f0000000e40)=@can, 0x80, &(0x7f0000001540)=[{&(0x7f0000000ec0)="546a550c74d1af9cb90966cee2014999cc0ae2ad466a3dcae9307ebf0fb685d2e08eac5fd9f30da499d86eddce1da6119feb52f5c0efdd61fc94e767b393141410c1c4809358334c8a480fcb2d1b37acd58386c13a72e4d62a07729cf844e61293d73c15a54e7420addd494e9aa7018f041da63526fb3a", 0x77}, {&(0x7f0000000f40)="3e04b76870c61ff136f105f59d522e59fdcc8e20758e5b8144f7a99789e401abb5bc6e83e0a55fa7f11603af04d48e1b94e9747631ae2ee9a0bd768e4e2deedfb4c1b25e7aaab62ec0cfe52baf3ddb68db5cc838d5b0a25ef440b44162c1d7fce5acc24689d3d04808cfd6cfbe25c7ce3a898d58fd77cb86f3135225e3f6a6938abfb787e811410d3be774c81a9cde57c97aaf68b7ad1df7088aa9926a42ef7cc679a9523a574da5e4e8a4afdff67aa1012b4a0492e3581ff6ce9256ae58ae42b6fd38bc9ce68a248b4f6b35b708cf97b3137416dcd45e17ba1ab4dad832cc94bcfdac6bf645fa74523100645b", 0xed}, {&(0x7f0000001040)="bf19fc5207f7fcfeecdec4f5e44c59bde8ffe8b2398f21f96e14a2f10f01334021739b4a7b8a83590a5821d92a5187aff099027931ec9b5945870d8b7c02256dc2680a0adfd95513703739d8932c970416c836ca25ddbd1697c585621c2c64b63f23311a2e973be2e4991b9d6b0507e6fe648d76be9acc78626c48ecc854ce7e554422a8641d3ddf1e0e0ca5d4d44a14a5112a701e453624fe022397ce93e298ea75969b5872f485873c2c7be417c0a1768c3553e154fe36d5ecf2b5a2f9d43638cfa8b1c024a373f8ce00e5bddc4d9731af05b8b67f1473b4d7fec43ed9954c0a3af491442b71fd89bf0ef748692a315d8bc48c8e303eb4232f", 0xfa}, {&(0x7f0000001140)="923c33629efff504c24fdd21989b3e2e44c778b9cfd08225e886a85dc5d1d29a7d25c89ab71d8ec4d87b74ee2f047f520c961aa7d406b05e8c4b48d99eb15525b599967a1db43a250770221a7ffaf262a70a980abbacf11c72b091291685aef9400ae153b070385929fa644bbec1bfbba819a3baf78ca2", 0x77}, {&(0x7f00000011c0)="71d4e98fb8ef9a5f05b38d850204191b11700b04d2d0c900843ac4c7024ec4c42ff622be117a62f0dffd19875c1e4c2ed6e2749071c4bc7396599cd411450ea1b5556c67dbb8bf809bfd3ec40a0483b3f3778a2e55777af6bae2fa153285916cab43cf9dbf0b85aa8820bf07032f8105088706fde2bbe56d1f0cc1c1dca28539ace5fd88289327c0f4", 0x89}, {&(0x7f0000001280)="7c3aac28473ecdc157a5660e03ac0bf13a4c526734c6c5477a34a9e6c9a404d362667d087c76ef1b802b48c0dcc6d274b9754efd06c45965bb8721a4492e1bebe384bda306638d788a88f24956942688aa80207bc3531ae355895ca1cab2060db4e818709c6fee0b69fb53fef2e13b63aac87a236978edafd1c1eee83b165641082d64a793caf6c3ba0a77494f9eb606b6efa07261987e9781d4f637c2ec45cea6dba3d835662ffb523e126706a734e3ac3adc63c69c67d6ad9e2972b2ba8bb702a981f1854f700ad3e1c0a67f008bb582a4d0fc165fbf76f6aa46f84cfe04a37a4fc2718bba50757293559950994b2f254866a6", 0xf4}, {&(0x7f0000001380)="9dcb769d7d5795a35d194e960ac0e912796d4054c83680e160d5d039e2fe34318264507a9c47d255bdb15ef0c66003c6aa055782401878a9bc8ae17af1bd5475b45a5ac094ca16ba63b8e5e64c86c6d251ad24b25201d5f3a87913c371c63550f1ef1cc425acf4931c8d6dd0fe9d5bef58129a50d45a998288329c6ec1ce6241c0a5e7201b99aafeca288343ef12997d6d02dd5809900f1d06a09479ac80317c4be86fa40dc36d53f12c", 0xaa}, {&(0x7f0000001440)="8ce19371fa28df8e417d9836eb198b34014becdef49248f3bab7186d3cd63440ae845d279255b8cd2da9472e985032f3c66ede29fa6d40c65a0c858db99cc0e16c22649247c0aaca3210c606f13e14f167ae7862efd58434976920a84d72763d89789b1b6288e934d7f469b4a328f04c602d50ee312dc1efc67545eb6559842c59886286fade46347e42e7874243cb9c0a30a186b58b010a61d77facec0ce78378c351586f3fc7e0a08cd897063d1e9332844efbe5d4e5a6ff0fc96fe3253c0bb093", 0xc2}], 0x8, &(0x7f0000001580)=[@mark={{0x10, 0x1, 0x24, 0x2}}], 0x10}}], 0x1, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000001600)={0x2710, 0x6, 0xeeef0000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000016c0)={{0x1, 0x1, 0x18, r6, {<r9=>0xee00, <r10=>0xffffffffffffffff}}, './file0\x00'})
ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0186405, &(0x7f0000001700)={0xa, 0x1, {0xffffffffffffffff}, {<r11=>0xee00}, 0x1ff})
lstat(&(0x7f0000001740)='./file0\x00', &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, <r12=>0x0})
lstat(&(0x7f0000001800)='./file0\x00', &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
ioctl$NS_GET_OWNER_UID(r7, 0xb704, &(0x7f00000018c0)=<r14=>0x0)
mount$fuse(0x0, &(0x7f0000001640)='./file0\x00', &(0x7f0000001680), 0x2011, &(0x7f0000001900)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, 0xee00}, 0x2c, {'group_id', 0x3d, r10}, 0x2c, {[{@allow_other}, {@max_read={'max_read', 0x3d, 0x8}}], [{@euid_eq={'euid', 0x3d, r11}}, {@permit_directio}, {@dont_measure}, {@uid_eq={'uid', 0x3d, r12}}, {@fowner_lt={'fowner<', r13}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'ext4_nfs_commit_metadata\x00'}}, {@uid_lt={'uid<', r14}}, {@dont_hash}]}})
listxattr(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)=""/215, 0xd7)
quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000300, r9, 0x0)

8.130605184s ago: executing program 1 (id=669):
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280), 0x6)
write(r0, &(0x7f0000000340)="05000000", 0x4)
getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x4, 0x0, &(0x7f0000000100))
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c)
r2 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000680)={{0x3, @netrom}, [@rose, @netrom, @rose, @bcast, @null, @default, @netrom, @null]}, &(0x7f00000003c0)=0x48, 0x800)
r3 = dup2(r2, 0xffffffffffffffff)
listen(r1, 0x80080400)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2b000000b7f781fdb7823e4e8c5e14b2ff1e0e0300a5e9148a84e5cd55be8efb1b786542fad12b6052392e8dc5fb762c0b235c902b352ff32c8b4517f5e44abc1edde8545c9feb6b54", @ANYRES16=0x0, @ANYBLOB="000000000000000000003900000008000300", @ANYRES32=0x0, @ANYBLOB="0c005a800800018004000200"], 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000047c00000400000014000180060006000806000008"], 0x2c}}, 0x0)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10)
getsockopt$inet_int(r5, 0x10d, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x4)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000540)=0x200, 0x4)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
cachestat(r6, &(0x7f00000005c0)={0x998e, 0x2}, &(0x7f0000000600), 0x0)
pipe2(&(0x7f0000000040), 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f00000004c0)={[{0x8, 0x2, 0x6, 0x3, 0x1, 0x5, 0x7, 0x0, 0x0, 0x5, 0x5, 0x5b, 0x6}, {0x7, 0x6, 0x10, 0x0, 0x3f, 0x2, 0xf9, 0xf0, 0x3, 0xd6, 0x8, 0x0, 0x3}, {0x3, 0x10, 0x0, 0x94, 0x6, 0x2, 0x40, 0x5, 0x4, 0xf, 0x40, 0x3}], 0x1000})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="2400000000000000000000000000000000000000106e70757400"/36], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
capset(0x0, &(0x7f0000000040))
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
fremovexattr(r7, &(0x7f0000000080)=@known='trusted.overlay.redirect\x00')
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e0c00031000d8570ee6d75c"], 0xf)

7.774573927s ago: executing program 1 (id=671):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009058703"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002340)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000740))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000680)=0x40)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041816aaaaaaaaaa103395f9d846821098c6fb9d"], 0x1a)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400", @ANYRES16=r6], 0x14}}, 0x0)

7.302229972s ago: executing program 3 (id=672):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x8501f4c9cce688f6)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000e12000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="c74424006cb301a9c74424025fd10000c7442406000000000f0114246443de0b41a800460fc73da7950000c401f817783036f2400f0864f3460f35430f7918c4c1f9c5d40f673e460f01df", 0x4b}], 0x1, 0x0, &(0x7f0000000140)=[@efer={0x2, 0xc800}, @vmwrite={0x8, 0x0, 0x11, 0x0, 0x3, 0x0, 0x1, 0x0, 0x5}], 0x2)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000000c0)=[{&(0x7f0000217f28)=""/217, 0xd9}], 0x1, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, r3, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

7.017763442s ago: executing program 3 (id=673):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x3}}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8800}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r3, 0x25, 0x1, @void}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000100)={@broadcast, @local, @val={@void}, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "534ead40a3537293"}}}}, 0x0)
r9 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
pselect6(0x40, &(0x7f0000000040)={0xc, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r9, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x1})
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCGPTPEER(r11, 0x90000915, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r11, 0x541c, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000001000)='sched_switch\x00', r10}, 0x10)
socket$kcm(0x2, 0x200000000000001, 0x106)

6.498510223s ago: executing program 3 (id=675):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendto$inet_nvme_icreq_pdu(r0, &(0x7f0000000000)={{0x0, 0xa, 0x80, 0x6}, 0x0, 0x0, 0x0, 0x7fff}, 0x80, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r4, 0x0)
preadv2(r3, &(0x7f00000006c0)=[{&(0x7f0000000600)=""/166, 0xa6}], 0x1, 0xc14, 0x9, 0x8)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000180)=ANY=[])
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x0, 0x30}, 0xc)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f00000004c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_elf64(r7, &(0x7f0000000380)=ANY=[], 0x2df)
syz_usb_connect(0x2, 0x5f, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0xd0, 0x3d, 0x79, 0x40, 0x12d1, 0x641b, 0xbee7, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x4d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6c, 0x2, 0x0, 0xff, 0x1, 0x14, 0x0, [@uac_as={[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x7f, 0x1, 0x7, 0xf, "b9c749eef5be"}, @as_header={0x7, 0x24, 0x1, 0x1, 0x43, 0x1002}]}, @uac_control={{0xa, 0x24, 0x1, 0x1, 0x10}, [@extension_unit={0x9, 0x24, 0x8, 0x1, 0xffff, 0x1, "e6a5"}, @feature_unit={0x7, 0x24, 0x6, 0x5, 0x4, 0x0, [], 0x4}, @extension_unit={0x8, 0x24, 0x8, 0x1, 0x6d, 0xc8, '3'}, @selector_unit={0x5, 0x24, 0x5, 0x1, 0x9}]}]}}]}}]}}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000001f40), 0xc)
sendmmsg$inet6(r7, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='4', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet6(r7, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988300d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0x0, 0x0, 0x0)

6.200309456s ago: executing program 1 (id=676):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000c0000000000000300000040c201802c0004001400010002000000ac1414aa000002000000e000000200000000000000000d0001007564703a73747a320000000056aabeb83602a01e8173f9a1b04e24963963cf77f108744c353349ba0f8f45ebcd296df8fa7f9d924327153b0c5361409b2aee3248dedd8fcf6c1356bc02455d5d6eb0ed1d18f4ba8556320ee27c67b4fbfd3617417f154bbd6f76930c7c"], 0x54}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, 0x0, 0x4)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000062c0)=[{{&(0x7f0000000500)=@phonet, 0x80, 0x0}, 0xfff}, {{0x0, 0x0, &(0x7f0000006180)=[{&(0x7f0000004f80)=""/46, 0x2e}, {0x0}], 0x2}, 0x5}], 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x301100, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x74000000)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
write$dsp(r0, &(0x7f0000002000)='`', 0x88020)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r5, 0x5100)
readv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/187, 0xbb}, {0x0}], 0x2)

5.794374361s ago: executing program 2 (id=677):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x2}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=@newtaction={0xea8, 0x30, 0x25, 0x0, 0x0, {}, [{0xe94, 0x1, [@m_pedit={0xe90, 0x1, 0x0, 0x0, {{0xa}, {0xe64, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, {}, {}, {}, {0x1ff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x9e6f}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x8001}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x40, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xea8}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x6}, 0x48)
io_setup(0x401, &(0x7f00000004c0))
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$mouse(&(0x7f00000000c0), 0x9, 0x232440)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
timerfd_create(0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000400)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x95], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r3, 0x40045566, 0x8)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000080)={0x0, 0x2, 0x7ff, 0x1, r1})
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r4, &(0x7f0000000400)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

5.270805202s ago: executing program 0 (id=678):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0x14, 0x2, [@TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}}, 0x0) (fail_nth: 1)

5.03259965s ago: executing program 0 (id=679):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-pclmul\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs$userns(0x0, &(0x7f00000004c0))
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000580))
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300), 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000340)}}], 0x1, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00')
read$FUSE(r4, &(0x7f0000007700)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
setresgid(r5, 0xffffffffffffffff, 0xffffffffffffffff)
sendmmsg$inet6(r1, &(0x7f0000004340)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)='4', 0x1}, {&(0x7f00000002c0)="b94852de052a1dcd7f8ccf709cd7b380", 0x10}], 0x2}}], 0x1, 0x0)

4.904573837s ago: executing program 2 (id=680):
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x700, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000210001050000fcffffff000002000000050025c4f9ff00"], 0x2c}}, 0x0)

4.826350296s ago: executing program 2 (id=681):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sample_threshold\x00', r0}, 0x10)
capset(0x0, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty, 0x9}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118)
writev(r2, &(0x7f0000000300), 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c)
listen(0xffffffffffffffff, 0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40043, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)=[<r9=>0x0], &(0x7f0000000040), 0x0, 0x1, 0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r7, 0xc01064ab, &(0x7f0000000040)={0x0, r9, r8})
socket$kcm(0x2, 0xd, 0x2)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)

4.008131792s ago: executing program 0 (id=682):
sched_setaffinity(0x0, 0xfffffffffffffe58, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x18, "000080f100df000000a7d9de16c708db7200"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x81)
fchdir(r2)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r3}, 0x10)
socket$kcm(0x2b, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r5 = socket$key(0xf, 0x3, 0x2)
r6 = socket(0xf, 0x3, 0x2)
write(r6, &(0x7f0000a97ff0)="020baf010200000000067bbc8e1d4b48", 0x10)
sendmsg$key(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="020b00e50200000000236e6f402875b945c80100"/29], 0x10}}, 0x0)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62)
listen(r7, 0x0)
epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000180)={0xa0000015})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3.507294833s ago: executing program 2 (id=683):
syz_open_dev$ttys(0xc, 0x2, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0)
chdir(0x0)
r1 = openat$vicodec0(0xffffff9c, &(0x7f0000001bc0), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185647, &(0x7f0000002380)={0xa00000, 0x3ff, 0x5476, r1, 0x0, &(0x7f0000002340)={0x50009, 0xc, '\x00', @string=0x0}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
pipe2(&(0x7f0000000e40)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x0)
openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
shutdown(r2, 0x1)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000080)="ae95e80e8a95a8823f4b2b94a131fd7a32df0edc4d5c5d8d601e0d018829e979eb04a041f86d096fa7fb623eb39879a33e949757108db5a0342db11ffe3e6f32e9419c9b041c1688b0f687387b098eeacd0e8b86189e15a3af07c1c6", 0x5c, 0x24000002, &(0x7f0000b63fe4)={0xa, 0x4e21}, 0x1c)

3.374072975s ago: executing program 3 (id=684):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009058703"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002340)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000740))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000680)=0x40)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041816aaaaaaaaaa103395f9d846821098c6fb9d"], 0x1a)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000", @ANYRES16=r6], 0x14}}, 0x0)

2.492936084s ago: executing program 2 (id=685):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x3}}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8800}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r3, 0x25, 0x1, @void}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000100)={@broadcast, @local, @val={@void}, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "534ead40a3537293"}}}}, 0x0)
r9 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
pselect6(0x40, &(0x7f0000000040)={0xc, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r9, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r11, @ANYBLOB="010000000074575af3ab0d8d3c72"], 0x14}}, 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$TIOCGPTPEER(r12, 0x90000915, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r12, 0x541c, &(0x7f00000000c0))
socket$kcm(0x2, 0x200000000000001, 0x106)

1.454149639s ago: executing program 2 (id=686):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = openat$proc_capi20ncci(0xffffff9c, &(0x7f0000000000), 0x1a1841, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0), 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000704000/0x4000)=nil, 0x4000}})
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831b538dfd8e012e79578e51bc5af65ff7ae735ffc8191a9bb0a83099e90f4580d760551b5b342f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea086e95767d42b4e54861d0227dbfd2e6d28715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c62fd5d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc2200000000000001ff9682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e2331d01ce99a069694124d37cef099ece729aa218f9f44ad06a223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb8fc500404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99ff987900040000009feb121c49e07dbed4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39e00213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd9205218ee0200e2ff08644fb94c06003dc39050f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e906049fe86e09c58e273cd905deb28c13c1ed1c9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f891fab9d3f2e82c5f6fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935000000009c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f281e6bad1e5aa6d901c279eb156c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b4c6936531effce7115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b402bbab76fbb9d8a917df5b2e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380b3e365f84a3e5b116ae3e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627aaefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8d5f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c4a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d76ef45af7d87b308117a9ea24dcda2bc42cf20942c31268a400a221d7b1622585094e9dd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a420cc91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc1a170200a63a83ab25a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b47800acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7acb37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c901d99eced99b46b43016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa91811ccd7c1b1a92bac529df90000000000000000000000004000301b5557b674a86db8c4bfd58ff30000000000000000000000e8f1ed2ea68b0569be17bd73c0633ed4acaaef9e9f7d21998f55b71b26af7e284b1cc4685d740a9d106380dd8cb78f9d9c8cf59b155bc569ddd3098417286bec31896306410a60acadb0f3fb44d30b82986b792635155fa3d562d3aa09452cbb201b0dfed6412837bc2237acf7ca5997ee1898541f4a1c4031e240ccc80ee8fad036ce04409c4630821b8b99be5a3f72afc458f8417544014a67ae4ad31b15c8e13c9f0cdee4abefd0ed28a4a55dd992a748008822d05f13b1a8112d7f41e3bf28bcc1b0963798bed4e0db07d0574016276aa28a86eb33d20a5d58f58201edcef1253b02aac4c74427322ec24809bb059c41db9ee1c3e728c76c5ade17df0a7fc74229ea1a525ee42e8eac3675cb18d6c06748e93179c382f331dde2eea7eab2da71c2ea7086c0c71b6e3d837fdfdc1a5285c471b11eb3311a9f7459a57f7174d000000000000000000000000000000000000000000000008c6987f5d91d640fe5d83d4489b382fe3d3e49c23dcee2af69ba44ab575f354ed026cbf37acc05331084088093fa14152ee6d861dc27a69a9a563c0feb8b27fb7d4586b35a6f181793d5b73e231e7a2d1a6f564a06adc348b9a1c1017f908f99e136b04a0d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x0, 0x4, 0xff, 0x20, 0x1}, 0x48)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f0000000580)={'sit0\x00', &(0x7f00000004c0)={@private=0xa010102, 0x0, 0x0, 0x70, 0x0, [{}, {@initdev}, {@initdev}, {@local}, {}, {@remote}, {@broadcast}]}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4)
syz_emit_ethernet(0xfdef, &(0x7f0000000c00)=ANY=[@ANYBLOB="bbbbbbbbbbbbaa8aaaaaaa00080045000014000000020000907800000002e000000289c649d98a7b858f589b72e842a04f615d8b043d262677a09e65c95c1af4b2482a32edcdeb5c5dfa0af47bbd401fb729c2faaebc7ab782b9c909a6c780e55d8abdc0bef5358bd15f5e9f3f46885b7ca165ca28a7d1d17db566ecd0c62b3832b46b37ccf892a731a1e8f188e750684707e9d8dda5b6dbd8562bbbb9916bf9100485fe6a2962c81c73087e4feec654e508024808c9202f28113599f431e026bf9dbe7cf612a853a58e8f14785f883554bd41c3cae0d149598ff8622a39460900801e41152b81dae6220b5ea60bb50e0dcb2a2acd5c8e24ac66"], 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newtaction={0x84, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x8, 0x0, 0x0, 0x0, 0x0, 0x80000002}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xce}, 0x0, 0x0, 0x1}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x2}}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bind$rds(r1, &(0x7f0000000300)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
r7 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

970.053054ms ago: executing program 1 (id=687):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58)
syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xb989)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/rt_cache\x00')
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000040)=@generic)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="00010000", @ANYRES16, @ANYBLOB], 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x0, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x1c}}, 0xbaa481130a5d687d)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private0}})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'veth0_virt_wifi\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), 0xffffffffffffffff, 0x1}}, 0x18)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0xc, 0xa031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x19)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)

349.182144ms ago: executing program 0 (id=688):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c000000010000504000000000000000000000000a5b65a1ad4bbf4824311eebbfcd8b72dc9525bee17553fb19b9a5ce8ba550b68968b4b3dbb5b53718b28ae7559a41e413038dcac2237ad72a5cbff3f6d6456a334add5eb10d63557f117d9ff1135", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010065727370616e000010000280050016000800000004001200"], 0x40}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x9}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x9}, {}, {}, {}, {}, {}, {0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x7fff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
ioctl$TIOCSCTTY(r2, 0x540e, 0x81)

264.154134ms ago: executing program 0 (id=689):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)={0x164, r1, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x150, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x3, 0x6, 0x3ff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "a5c2ceb329f0cdf4330543b1c794e74cca32b4632358"}}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "51c26aa0735c734da07c80b40b53720831a7dae4"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xbd, 0x3, "379fded748fad207200dcec6cafacc249620ca6a53b68cddda8f7c5a5ddd0ca286b8f359e3ffa3aa4b66a9b3f4db45279f8d97d63f259ffc6d3fb9153401671da5c78831cd613792c1bd01515702fdcfd4787cde270fb4515083a3a35b0e3009d5df76b77363cf90b33e98beec1e0d3c86761199fcf181a1aea0e1278608bf9c161bb5bedf830c1c3a58e12bad2ce335c1434c44cdc2d498af59bb621249563015822eaf112142361aeae34217169b451bb4ca80c25c64e668"}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x10}, 0x4001)
sendmsg(r0, &(0x7f0000001780)={&(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @empty}, 0x3, 0x2, 0x2}}, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)="007d2747e00fa87eb22654ade93ae07ca8000000006930eaf3e53c1ad8000000", 0x20}, {&(0x7f0000000140)="88cd039931009c568d62ad31f78c49c2e42002eb2c43819050d5ea000704cb2c6bf695df58375491bb91c88b85598173cea2000b8acc49c1e88c63ec0d6d106ac27caf495acb2449cc4e4b6970b690fc9983a67db6b3b13e9ced791ae35a7c828c", 0x61}, {&(0x7f0000000200)="03f5010e", 0x4}], 0x3, &(0x7f0000001880)=ANY=[@ANYRESOCT=0x0], 0x1544}, 0x4040140)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000017c0)=ANY=[@ANYBLOB="140000002400090000283600000000000300000079f6d66820e92542870109dd2442f20f8b6660e6eca51b0203aba09eb238be8af1677ef7eb514526da5860d60652d99c1c6e73ee05ca62c17fc22f0439c602a27e606a07822e0dc4298c37b5330dc97ced2b08965bb3fd40236eaaaf926a64c07dcf95ac98bceaaaee6114b31bb3d3782d88d13a22a3"], 0x14}}, 0x0)

199.544062ms ago: executing program 3 (id=690):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000000c0)=[{&(0x7f0000217f28)=""/217, 0xd9}], 0x1, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3f00, 0x4002011, r1, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

199.094019ms ago: executing program 0 (id=691):
r0 = getpid()
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r2)
ioperm(0x0, 0xf1, 0x7)
r3 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f00000004c0)={0x11})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000007000000b7030000000000008500000072000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x4c)
read(r1, &(0x7f0000000080)=""/1, 0x1)
write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12)
close(r1)
openat(r1, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x5f9742, 0x9e)
openat(0xffffffffffffffff, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0xfffffff0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000760009eeffffffffffffff0400000000", @ANYRES32=0x0, @ANYBLOB="04000d80080005"], 0x24}, 0x1, 0x5502000000000000}, 0x0)
pwritev(r5, &(0x7f0000000480)=[{&(0x7f0000000500)="a1dc3e7e762fa0e31083bb5c44e6e6878ef80629891230f998ff2d3d787dee8289355d7e005364d47d3afab14c58ca666f116a36d089f1d1842667554d9ce10b2a80a1d3094ea3bfb1baed7df9a5485a5b3eebedc6b9e39716c588c9ba", 0x5d}, {&(0x7f0000000580)="a6a228f956b86744832292273511966b16fd9bbb6c5ed658165940531a5029690bfbf9b0abc1c83de5d224e0fbfd68e5556397c8c69cdc85389241778442939d760673eb364deb7d32d3947010736f897e814c2cdc72073b23d3a5fe252f8d75a3c94f22165125af7ec2aa01ec2fa60f9121b9f3280b6779de8e82a14b2e57a554684bfe68faa5f8ccc666373a4a3f22dbc4301896c8354891eceecfc3a8f1c6f5afcc38403867c60851c0496895985ee8b5c2fec5a5c221d92d50ba4fba03a5c6ad17583b2fb04c496373ccf5c86fc8f147275c82fe26", 0xd7}, {&(0x7f0000000740)="48121a5ecc1edcdd28fcf53d24c6d4eb3bb1d889fb661f6d6bd27ba3d4c185bcee4fb4904a39760fb6509138b9ac76b380f8ba6d5872c38e116b40e1c7b0f35f27a7201d6f6439e373815c911facb1874bc17020b51d6920e7bec00b9a3d81b6a7baa2d251e1cab89e8788df49fded9fb4b33700d9b43e6905430333608ac2ead45c6c3aec5e4f9770ff3c508a", 0x8d}, {&(0x7f0000000800)="18923af5c7ff50ee1a1b3c2d7fd158c6d37fae685ee2e2ebd0667ab695e07122fd18cb038524a862245b51743d97461d1fe2fc0e7018b00a9a9f035c7815ab3584c6ad54eeb2f4e65095529daba338f414a85920ab92601c71a7f7c88cee072ee9ed03a28b84a90036dc49ba8f9918c227796e61ac54dc4ce69d435eece1021b87e54440bd33369b17d9317c393f63c13251aba4f1f875a8f045eaed117300eb84df75a319440a4d62a4d218dd995d512ce09d0af4f10c63cb4c", 0xba}], 0x200000000000004a, 0x6, 0xffff97bb)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f0000000380))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f000009de00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000006800552ff539e04b8ba4fd9d22000000000000000000000000000000b1e900000000001400020000"], 0x2c}}, 0x0)
syz_open_dev$MSR(&(0x7f0000000000), 0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c614b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffd4a}, 0x41)
eventfd(0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)

75.08992ms ago: executing program 1 (id=692):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
socket(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000020e6ffffff00000f000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r2, 0xab07, 0xb)
r3 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
ioctl$NBD_DO_IT(r3, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_open_dev$ndb(&(0x7f00000002c0), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
semget(0x1, 0x0, 0x4cc)
open(0x0, 0x400141042, 0x0)
semget(0x3, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semget(0x1, 0x3, 0x204)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x2, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1, 0x80000, 0x0, <r5=>0xffffffffffffffff})
r6 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r6, &(0x7f0000000280)={0x18, 0x2, {0x0, @private=0xa010104}}, 0x1e)
connect$pptp(r6, &(0x7f0000000080)={0x18, 0x2, {0x3, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x1e)
sendmsg$IPSET_CMD_HEADER(r5, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000000c06050000003d00000000000300000205000100070000df9f0002007309000000e10000050001ff06000000"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40)
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0445609, &(0x7f0000000180)=@mmap={0x6, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e90bc2f9"}})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0f00000001080300000000020000000003000001"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x240488d0)

0s ago: executing program 3 (id=693):
syz_open_procfs(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000002240)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2000000010000104faffffff000000e200004800", @ANYRES32=r3, @ANYBLOB='&'], 0x20}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 7)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

6655]  __ia32_sys_bpf+0x76/0xe0
[  216.162036][ T6655]  __do_fast_syscall_32+0x73/0x120
[  216.164248][ T6655]  do_fast_syscall_32+0x32/0x80
[  216.166340][ T6655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.169064][ T6655] RIP: 0023:0xf7f14579
[  216.170787][ T6655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.178848][ T6655] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  216.182232][ T6655] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600
[  216.185554][ T6655] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  216.188923][ T6655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.192203][ T6655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.195125][ T6655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.198037][ T6655]  </TASK>
[  216.566107][ T6664] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  216.968454][ T5357] Bluetooth: hci5: command 0x0406 tx timeout
[  217.138666][ T5851] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  217.313326][ T6677] xt_NFQUEUE: number of total queues is 0
[  217.318472][ T5851] usb 5-1: Using ep0 maxpacket: 32
[  217.356506][ T5851] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  217.360505][ T5851] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  217.365088][ T5851] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  217.400452][ T5851] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  217.411322][ T5851] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  217.417646][ T5851] usb 5-1: config 0 interface 0 has no altsetting 0
[  217.434701][ T5851] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  217.438657][ T5851] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  217.442461][ T5851] usb 5-1: Product: syz
[  217.444227][ T5851] usb 5-1: Manufacturer: syz
[  217.446125][ T5851] usb 5-1: SerialNumber: syz
[  217.455260][ T5851] usb 5-1: config 0 descriptor??
[  217.463045][ T5851] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  217.481656][ T5851] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  217.772195][ T6671] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90
[  217.827046][ T5851] usb 5-1: USB disconnect, device number 5
[  217.831295][ T5851] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  218.469935][ T6683] MTD: Attempt to mount non-MTD device "/dev/nbd1"
[  218.474784][ T6683] syz.1.288: attempt to access beyond end of device
[  218.474784][ T6683] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0
[  218.553656][ T6691] netlink: 48 bytes leftover after parsing attributes in process `syz.0.291'.
[  218.557343][ T6691] netlink: 24 bytes leftover after parsing attributes in process `syz.0.291'.
[  218.699889][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.291'.
[  218.703245][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.291'.
[  219.008402][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.029900][ T5362] Bluetooth: hci11: Controller not accepting commands anymore: ncmd = 0
[  219.034465][ T5362] Bluetooth: hci11: Injecting HCI hardware error event
[  219.042918][ T5357] Bluetooth: hci11: hardware error 0x00
[  220.139146][ T6714] netlink: 24 bytes leftover after parsing attributes in process `syz.1.296'.
[  220.481077][ T5362] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  220.485065][ T5362] Bluetooth: hci4: Injecting HCI hardware error event
[  220.489987][ T5362] Bluetooth: hci4: hardware error 0x00
[  221.019555][ T5366] Bluetooth: hci4: unexpected event for opcode 0x0406
[  221.029198][ T6722] capability: warning: `syz.0.298' uses 32-bit capabilities (legacy support in use)
[  221.197711][ T5366] Bluetooth: hci3: unexpected event 0x06 length: 23 > 3
[  221.228558][ T5357] Bluetooth: hci11: Opcode 0x0c03 failed: -110
[  221.547180][ T6731] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  222.548617][ T5362] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  222.558592][ T5362] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  222.563339][ T5362] Bluetooth: hci3: Injecting HCI hardware error event
[  222.567340][ T5362] Bluetooth: hci3: hardware error 0x00
[  222.808730][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.029031][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.083225][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.228431][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.630968][ T5362] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  224.774250][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.856434][ T6761] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  225.039968][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.385642][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.642130][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.692825][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.735795][    C0] vkms_vblank_simulate: vblank timer overrun
[  227.006925][ T6772] netlink: 48 bytes leftover after parsing attributes in process `syz.0.315'.
[  227.033795][ T6772] netlink: 24 bytes leftover after parsing attributes in process `syz.0.315'.
[  227.206871][ T6775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.315'.
[  227.220584][ T6775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.315'.
[  228.224978][ T6789] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  228.569031][ T5362] Bluetooth: hci10: Controller not accepting commands anymore: ncmd = 0
[  228.573500][ T5362] Bluetooth: hci10: Injecting HCI hardware error event
[  228.610891][ T5362] Bluetooth: hci10: hardware error 0x00
[  228.777427][ T6799] =======================================================
[  228.777427][ T6799] WARNING: The mand mount option has been deprecated and
[  228.777427][ T6799]          and is ignored by this kernel. Remove the mand
[  228.777427][ T6799]          option from the mount to silence this warning.
[  228.777427][ T6799] =======================================================
[  230.376178][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.448789][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.594025][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.812829][    C0] vkms_vblank_simulate: vblank timer overrun
[  230.817844][ T5362] Bluetooth: hci10: Opcode 0x0c03 failed: -110
[  230.977137][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.120072][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.158828][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.598524][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.836832][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.940404][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.077652][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.111531][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.228450][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.311173][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.408373][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.498771][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.553606][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.608402][    C0] vkms_vblank_simulate: vblank timer overrun
[  234.045448][ T6831] bridge_slave_0: left allmulticast mode
[  234.050496][ T6831] bridge_slave_0: left promiscuous mode
[  234.054502][ T6831] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.064563][ T6831] bridge_slave_1: left allmulticast mode
[  234.066893][ T6831] bridge_slave_1: left promiscuous mode
[  234.072275][ T6831] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.083293][ T6831] bond0: (slave bond_slave_0): Releasing backup interface
[  234.101088][ T6831] bond0: (slave bond_slave_1): Releasing backup interface
[  234.132543][ T6831] team0: Port device team_slave_0 removed
[  234.144581][ T6831] team0: Port device team_slave_1 removed
[  234.147945][ T6831] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.152801][ T6831] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.157727][ T6831] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.161308][ T6831] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.230766][   T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  235.408355][   T57] usb 8-1: Using ep0 maxpacket: 8
[  235.413222][   T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  235.428385][   T57] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  235.432184][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.449135][   T57] usb 8-1: config 0 descriptor??
[  235.719981][   T57] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  235.981244][ T6852] Illegal XDP return value 4294967274 on prog  (id 70) dev N/A, expect packet loss!
[  236.434498][ T5896] usb 8-1: USB disconnect, device number 5
[  236.439628][ T5896] iowarrior 8-1:0.0: I/O-Warror #0 now disconnected
[  237.830939][   T59] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  238.029517][   T59] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  238.033289][   T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.046228][   T59] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  238.050573][   T59] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  238.054747][   T59] usb 8-1: Manufacturer: syz
[  238.059297][   T59] usb 8-1: config 0 descriptor??
[  238.158533][   T59] rc_core: IR keymap rc-hauppauge not found
[  238.161563][   T59] Registered IR keymap rc-empty
[  238.168218][   T59] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  238.180806][   T59] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input7
[  238.360849][ T6871] ptrace attach of "/syz-executor exec"[6874] was attempted by "/syz-executor exec"[6871]
[  238.360896][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  238.360909][   T39] audit: type=1400 audit(1725780163.024:33): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=6870 comm="syz.3.342"
[  238.584879][   T59] usb 8-1: USB disconnect, device number 6
[  239.250761][ T6881] block nbd3: NBD_DISCONNECT
[  239.254580][ T6881] block nbd3: Disconnected due to user request.
[  239.266783][ T6881] block nbd3: shutting down sockets
[  240.703499][ T6897] evm: overlay not supported
[  240.708189][ T6897] Invalid ELF header magic: != ELF
[  240.711015][   T39] audit: type=1804 audit(1725780165.364:34): pid=6897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.348" name="/newroot/77/bus/bus" dev="overlay" ino=453 res=1 errno=0
[  240.873817][ T6899] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  241.210608][ T6903] FAULT_INJECTION: forcing a failure.
[  241.210608][ T6903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.233731][ T6903] CPU: 2 UID: 0 PID: 6903 Comm: syz.3.351 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  241.238551][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  241.244812][ T6903] Call Trace:
[  241.246241][ T6903]  <TASK>
[  241.247662][ T6903]  dump_stack_lvl+0x16c/0x1f0
[  241.249657][ T6903]  should_fail_ex+0x497/0x5b0
[  241.251713][ T6903]  _copy_to_user+0x30/0xc0
[  241.253605][ T6903]  simple_read_from_buffer+0xd0/0x160
[  241.256012][ T6903]  proc_fail_nth_read+0x19e/0x280
[  241.258152][ T6903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.260685][ T6903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.262997][ T6903]  vfs_read+0x1d4/0xbd0
[  241.264887][ T6903]  ? __fdget_pos+0xeb/0x180
[  241.266828][ T6903]  ? __pfx_vfs_read+0x10/0x10
[  241.268823][ T6903]  ? __pfx___mutex_lock+0x10/0x10
[  241.270995][ T6903]  ? __fget_files+0x256/0x400
[  241.272977][ T6903]  ksys_read+0x12f/0x260
[  241.274899][ T6903]  ? __pfx_ksys_read+0x10/0x10
[  241.276903][ T6903]  __do_fast_syscall_32+0x73/0x120
[  241.279043][ T6903]  do_fast_syscall_32+0x32/0x80
[  241.281045][ T6903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  241.283685][ T6903] RIP: 0023:0xf73de579
[  241.285406][ T6903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  241.293599][ T6903] RSP: 002b:00000000f56d65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  241.297125][ T6903] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56d6620
[  241.300400][ T6903] RDX: 000000000000000f RSI: 00000000f73cfff4 RDI: 0000000000000000
[  241.303692][ T6903] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  241.307236][ T6903] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  241.311277][ T6903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  241.314628][ T6903]  </TASK>
[  242.612235][   T59] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  242.798438][   T59] usb 6-1: Using ep0 maxpacket: 16
[  242.803758][   T59] usb 6-1: config 0 has no interfaces?
[  242.807195][   T59] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  242.813534][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.827540][   T59] usb 6-1: config 0 descriptor??
[  243.281951][ T6918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  243.309208][ T6918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.070943][ T6937] FAULT_INJECTION: forcing a failure.
[  244.070943][ T6937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.080068][ T6937] CPU: 3 UID: 0 PID: 6937 Comm: syz.0.358 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  244.085460][ T6937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.090203][ T6937] Call Trace:
[  244.091770][ T6937]  <TASK>
[  244.093253][ T6937]  dump_stack_lvl+0x16c/0x1f0
[  244.096258][ T6937]  should_fail_ex+0x497/0x5b0
[  244.098755][ T6937]  _copy_to_user+0x30/0xc0
[  244.101417][ T6937]  simple_read_from_buffer+0xd0/0x160
[  244.104562][ T6937]  proc_fail_nth_read+0x19e/0x280
[  244.107784][ T6937]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  244.110748][ T6937]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  244.115803][ T6937]  vfs_read+0x1d4/0xbd0
[  244.118259][ T6937]  ? __fdget_pos+0xeb/0x180
[  244.120585][ T6937]  ? __pfx_vfs_read+0x10/0x10
[  244.123410][ T6937]  ? __pfx___mutex_lock+0x10/0x10
[  244.126757][ T6937]  ? __fget_files+0x256/0x400
[  244.129554][ T6937]  ksys_read+0x12f/0x260
[  244.132088][ T6937]  ? __pfx_ksys_read+0x10/0x10
[  244.134922][ T6937]  __do_fast_syscall_32+0x73/0x120
[  244.138005][ T6937]  do_fast_syscall_32+0x32/0x80
[  244.140833][ T6937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.144534][ T6937] RIP: 0023:0xf739e579
[  244.146965][ T6937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.157551][ T6937] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  244.161732][ T6937] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620
[  244.165761][ T6937] RDX: 000000000000000f RSI: 00000000f738fff4 RDI: 0000000000000000
[  244.169144][ T6937] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  244.172615][ T6937] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  244.176541][ T6937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.179898][ T6937]  </TASK>
[  244.181380][    C3] vkms_vblank_simulate: vblank timer overrun
[  244.276121][ T6939] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  244.984661][  T987] usb 6-1: USB disconnect, device number 4
[  245.657238][ T6954] netlink: 48 bytes leftover after parsing attributes in process `syz.0.363'.
[  245.662076][ T6954] netlink: 24 bytes leftover after parsing attributes in process `syz.0.363'.
[  245.819643][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'.
[  245.827811][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'.
[  246.623365][ T6970] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  247.158502][ T5397] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  247.348874][ T5397] usb 5-1: Using ep0 maxpacket: 32
[  247.358901][ T5397] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  247.383841][ T5397] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  247.394728][ T5397] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  247.400701][ T5397] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  247.409173][ T5397] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  247.415042][ T5397] usb 5-1: config 0 interface 0 has no altsetting 0
[  247.421727][ T5397] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  247.425551][ T5397] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  247.428801][ T5397] usb 5-1: Product: syz
[  247.430629][ T5397] usb 5-1: Manufacturer: syz
[  247.432627][ T5397] usb 5-1: SerialNumber: syz
[  247.437845][ T5397] usb 5-1: config 0 descriptor??
[  247.451449][ T5397] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  247.458955][ T5397] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  247.753340][ T6977] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90
[  247.842316][    T9] usb 5-1: USB disconnect, device number 6
[  247.847831][    T9] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  248.819569][ T6990] netlink: 48 bytes leftover after parsing attributes in process `syz.0.376'.
[  248.826170][ T6990] netlink: 24 bytes leftover after parsing attributes in process `syz.0.376'.
[  248.963132][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.376'.
[  248.968878][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.376'.
[  251.382528][ T6999] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  251.484277][ T7001] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.757596][ T7007] FAULT_INJECTION: forcing a failure.
[  251.757596][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.776232][ T7007] CPU: 3 UID: 0 PID: 7007 Comm: syz.3.382 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  251.781114][ T7007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.785636][ T7007] Call Trace:
[  251.787156][ T7007]  <TASK>
[  251.788487][ T7007]  dump_stack_lvl+0x16c/0x1f0
[  251.790609][ T7007]  should_fail_ex+0x497/0x5b0
[  251.792997][ T7007]  _copy_to_user+0x30/0xc0
[  251.795249][ T7007]  simple_read_from_buffer+0xd0/0x160
[  251.798057][ T7007]  proc_fail_nth_read+0x19e/0x280
[  251.800758][ T7007]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  251.803437][ T7007]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  251.805839][ T7007]  vfs_read+0x1d4/0xbd0
[  251.807497][ T7007]  ? __fdget_pos+0xeb/0x180
[  251.809383][ T7007]  ? __pfx_vfs_read+0x10/0x10
[  251.811343][ T7007]  ? __pfx___mutex_lock+0x10/0x10
[  251.813625][ T7007]  ? __fget_files+0x256/0x400
[  251.815801][ T7007]  ksys_read+0x12f/0x260
[  251.817566][ T7007]  ? __pfx_ksys_read+0x10/0x10
[  251.819471][ T7007]  __do_fast_syscall_32+0x73/0x120
[  251.821799][ T7007]  do_fast_syscall_32+0x32/0x80
[  251.823902][ T7007]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.826617][ T7007] RIP: 0023:0xf73de579
[  251.828415][ T7007] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  251.837954][ T7007] RSP: 002b:00000000f56d65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  251.841400][ T7007] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56d6620
[  251.844732][ T7007] RDX: 000000000000000f RSI: 00000000f73cfff4 RDI: 0000000000000000
[  251.848242][ T7007] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  251.852141][ T7007] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  251.855432][ T7007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.858716][ T7007]  </TASK>
[  252.056704][ T7015] overlayfs: failed to resolve './file1': -2
[  252.966051][ T7026] loop2: detected capacity change from 0 to 7
[  252.993025][ T7026] Dev loop2: unable to read RDB block 7
[  252.996166][ T7026]  loop2: unable to read partition table
[  253.008561][ T7026] loop2: partition table beyond EOD, truncated
[  253.015932][ T7026] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  253.114957][ T4841] Dev loop2: unable to read RDB block 7
[  253.117201][ T4841]  loop2: unable to read partition table
[  253.120248][ T4841] loop2: partition table beyond EOD, truncated
[  253.246001][ T7030] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  253.304421][ T4841] Dev loop2: unable to read RDB block 7
[  253.307006][ T4841]  loop2: unable to read partition table
[  253.309552][ T4841] loop2: partition table beyond EOD, truncated
[  253.865073][ T7035] netlink: 'syz.0.390': attribute type 1 has an invalid length.
[  254.117013][ T7040] netlink: 'syz.0.391': attribute type 1 has an invalid length.
[  254.195818][ T7042] FAULT_INJECTION: forcing a failure.
[  254.195818][ T7042] name failslab, interval 1, probability 0, space 0, times 0
[  254.204067][ T7042] CPU: 3 UID: 0 PID: 7042 Comm: syz.0.391 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  254.208653][ T7042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.213425][ T7042] Call Trace:
[  254.214979][ T7042]  <TASK>
[  254.216297][ T7042]  dump_stack_lvl+0x16c/0x1f0
[  254.218358][ T7042]  should_fail_ex+0x497/0x5b0
[  254.220681][ T7042]  ? fs_reclaim_acquire+0xae/0x160
[  254.223320][ T7042]  should_failslab+0xc2/0x120
[  254.225458][ T7042]  kmem_cache_alloc_node_noprof+0x71/0x310
[  254.228074][ T7042]  ? __alloc_skb+0x2b3/0x380
[  254.230126][ T7042]  __alloc_skb+0x2b3/0x380
[  254.232318][ T7042]  ? __pfx___alloc_skb+0x10/0x10
[  254.234400][ T7042]  ? __pfx___might_resched+0x10/0x10
[  254.236508][ T7042]  netlink_alloc_large_skb+0x69/0x130
[  254.238739][ T7042]  netlink_sendmsg+0x689/0xd70
[  254.240893][ T7042]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.243228][ T7042]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  254.245557][ T7042]  ____sys_sendmsg+0x9b4/0xb50
[  254.247607][ T7042]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.249885][ T7042]  ? get_compat_msghdr+0x11b/0x170
[  254.252125][ T7042]  ? __pfx___lock_acquire+0x10/0x10
[  254.254444][ T7042]  ___sys_sendmsg+0x135/0x1e0
[  254.256533][ T7042]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.258857][ T7042]  ? ksys_write+0x21c/0x260
[  254.260799][ T7042]  ? __fget_light+0x173/0x210
[  254.262896][ T7042]  __sys_sendmsg+0x117/0x1f0
[  254.265038][ T7042]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.267361][ T7042]  __do_fast_syscall_32+0x73/0x120
[  254.269493][ T7042]  do_fast_syscall_32+0x32/0x80
[  254.271455][ T7042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.273921][ T7042] RIP: 0023:0xf739e579
[  254.275814][ T7042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  254.284437][ T7042] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  254.288095][ T7042] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000080
[  254.291572][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  254.295072][ T7042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.298569][ T7042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  254.302031][ T7042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.305503][ T7042]  </TASK>
[  254.315864][ T7040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.391'.
[  254.849993][ T7049] mkiss: ax0: crc mode is auto.
[  258.640209][ T7062] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  259.171947][ T7067] loop2: detected capacity change from 0 to 7
[  259.175431][ T7067] Dev loop2: unable to read RDB block 7
[  259.198412][ T7067]  loop2: unable to read partition table
[  259.198712][ T7067] loop2: partition table beyond EOD, truncated
[  259.198729][ T7067] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  259.292209][ T7072] netlink: 'syz.1.400': attribute type 1 has an invalid length.
[  259.480800][ T7071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.400'.
[  260.426346][ T5896] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  260.438574][ T5896] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  260.462888][ T5896] hid-generic 0000:0000:0000.000C: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  260.470333][ T7079] FAULT_INJECTION: forcing a failure.
[  260.470333][ T7079] name failslab, interval 1, probability 0, space 0, times 0
[  260.488375][ T7079] CPU: 2 UID: 0 PID: 7079 Comm: syz.3.402 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  260.493529][ T7079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.498258][ T7079] Call Trace:
[  260.499902][ T7079]  <TASK>
[  260.501228][ T7079]  dump_stack_lvl+0x16c/0x1f0
[  260.503390][ T7079]  should_fail_ex+0x497/0x5b0
[  260.505482][ T7079]  ? fs_reclaim_acquire+0xae/0x160
[  260.507841][ T7079]  should_failslab+0xc2/0x120
[  260.510034][ T7079]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  260.512416][ T7079]  ? __kernfs_new_node+0xd3/0x890
[  260.515165][ T7079]  __kernfs_new_node+0xd3/0x890
[  260.517308][ T7079]  ? __pfx___kernfs_new_node+0x10/0x10
[  260.519989][ T7079]  ? pcpu_memcg_post_alloc_hook+0x1e/0x6a0
[  260.523155][ T7079]  ? pcpu_alloc_noprof+0x1f4/0x14e0
[  260.526596][ T7079]  ? cgroup_rstat_init+0x1a5/0x230
[  260.529494][ T7079]  kernfs_new_node+0x186/0x240
[  260.531591][ T7079]  kernfs_create_dir_ns+0x4c/0x150
[  260.533881][ T7079]  cgroup_mkdir+0x547/0x1140
[  260.535710][ T7079]  ? __pfx_cgroup_mkdir+0x10/0x10
[  260.537627][ T7079]  kernfs_iop_mkdir+0x14a/0x1d0
[  260.539496][ T7079]  vfs_mkdir+0x57d/0x860
[  260.541127][ T7079]  do_mkdirat+0x301/0x3a0
[  260.542795][ T7079]  ? __pfx_do_mkdirat+0x10/0x10
[  260.544858][ T7079]  ? getname_flags.part.0+0x1c5/0x550
[  260.547197][ T7079]  __ia32_sys_mkdirat+0x82/0xb0
[  260.549329][ T7079]  __do_fast_syscall_32+0x73/0x120
[  260.551623][ T7079]  do_fast_syscall_32+0x32/0x80
[  260.553832][ T7079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  260.556548][ T7079] RIP: 0023:0xf73de579
[  260.558619][ T7079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  260.567004][ T7079] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  260.570786][ T7079] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000080
[  260.574455][ T7079] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000000
[  260.577941][ T7079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  260.581426][ T7079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  260.584862][ T7079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  260.588308][ T7079]  </TASK>
[  260.950558][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  260.953102][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  261.038611][ T5896] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  261.219413][ T5896] usb 8-1: Using ep0 maxpacket: 32
[  261.237764][ T5896] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  261.246928][ T5896] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  261.252527][ T5896] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  261.266602][ T5896] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  261.273574][ T5896] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  261.281536][ T5896] usb 8-1: config 0 interface 0 has no altsetting 0
[  261.290575][ T5896] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  261.294889][ T5896] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  261.307446][ T5896] usb 8-1: Product: syz
[  261.310490][ T5896] usb 8-1: Manufacturer: syz
[  261.312714][ T5896] usb 8-1: SerialNumber: syz
[  261.316961][ T5896] usb 8-1: config 0 descriptor??
[  261.333832][ T5896] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  261.347137][ T5896] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  261.551202][ T7085] ldusb 8-1:0.0: Couldn't submit interrupt_in_urb -90
[  261.571097][ T5896] usb 8-1: USB disconnect, device number 7
[  261.581040][ T5896] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  262.267561][ T7093] overlayfs: failed to resolve './file1': -2
[  262.895462][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.006174][ T7097] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  263.273603][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.368120][ T7104] loop2: detected capacity change from 0 to 7
[  263.372588][ T7104] Dev loop2: unable to read RDB block 7
[  263.375459][ T7104]  loop2: unable to read partition table
[  263.381731][ T7104] loop2: partition table beyond EOD, truncated
[  263.384603][ T7104] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  263.718393][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.990472][    C0] vkms_vblank_simulate: vblank timer overrun
[  264.091286][ T7110] binder: transaction release 7 bad handle 1, ret = -22
[  264.178828][    C0] vkms_vblank_simulate: vblank timer overrun
[  264.534879][ T7112] netlink: 'syz.0.413': attribute type 1 has an invalid length.
[  264.615586][ T7113] IPVS: lc: SCTP 172.20.20.187:0 - no destination available
[  264.670406][ T7114] netlink: 56 bytes leftover after parsing attributes in process `syz.0.413'.
[  264.908756][ T7121] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  265.162281][ T7128] loop2: detected capacity change from 0 to 7
[  265.178539][ T7128] Dev loop2: unable to read RDB block 7
[  265.180956][ T7128]  loop2: unable to read partition table
[  265.183537][ T7128] loop2: partition table beyond EOD, truncated
[  265.186091][ T7128] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  265.531910][   T39] audit: type=1326 audit(1725780190.204:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.558417][   T39] audit: type=1326 audit(1725780190.204:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.567506][   T39] audit: type=1326 audit(1725780190.204:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.578410][   T39] audit: type=1326 audit(1725780190.204:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.587599][   T39] audit: type=1326 audit(1725780190.204:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.602101][   T39] audit: type=1326 audit(1725780190.204:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.614449][   T39] audit: type=1326 audit(1725780190.204:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.623841][   T39] audit: type=1326 audit(1725780190.204:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.634342][   T39] audit: type=1326 audit(1725780190.204:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  265.643375][   T39] audit: type=1326 audit(1725780190.204:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  266.088065][ T4841] Dev loop2: unable to read RDB block 7
[  266.091644][ T4841]  loop2: unable to read partition table
[  266.095284][ T4841] loop2: partition table beyond EOD, truncated
[  266.550374][    C0] vkms_vblank_simulate: vblank timer overrun
[  266.608445][    C0] vkms_vblank_simulate: vblank timer overrun
[  266.799037][    C0] vkms_vblank_simulate: vblank timer overrun
[  266.857659][    C0] vkms_vblank_simulate: vblank timer overrun
[  266.959981][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.036464][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.158456][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.348978][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.390279][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.574436][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.848430][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.979833][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.126317][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.150225][ T5366] Bluetooth: hci6: command 0x0406 tx timeout
[  268.264606][ T7146] overlayfs: failed to resolve './file1': -2
[  268.374845][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.495991][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.788563][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.878788][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.212838][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.268474][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.386466][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.609089][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.724827][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.808388][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.903570][    C0] vkms_vblank_simulate: vblank timer overrun
[  270.175022][    C0] vkms_vblank_simulate: vblank timer overrun
[  270.355535][ T7153] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  270.429706][ T7155] netlink: 36 bytes leftover after parsing attributes in process `syz.0.428'.
[  270.624263][ T7157] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  270.628762][ T5366] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  270.631030][ T7157] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  270.634125][ T5366] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  270.637558][ T7158] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  270.645941][ T7158] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  270.647873][ T5366] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  270.670125][ T5366] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  270.674217][ T5366] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  270.677535][ T5366] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  270.918466][ T7159] chnl_net:caif_netlink_parms(): no params data found
[  271.097011][ T7174] overlayfs: failed to resolve './file1': -2
[  271.137415][ T7159] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.142629][ T7159] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.146015][ T7159] bridge_slave_0: entered allmulticast mode
[  271.151208][ T7159] bridge_slave_0: entered promiscuous mode
[  271.158235][ T7159] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.161988][ T7159] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.164875][ T7159] bridge_slave_1: entered allmulticast mode
[  271.169013][ T7159] bridge_slave_1: entered promiscuous mode
[  271.275171][ T7159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.292595][ T7159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.403364][ T7159] team0: Port device team_slave_0 added
[  271.410241][ T7159] team0: Port device team_slave_1 added
[  271.486696][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.495085][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.519159][ T7159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.526356][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.547216][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.570691][ T7159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.688894][ T7159] hsr_slave_0: entered promiscuous mode
[  271.695088][ T7159] hsr_slave_1: entered promiscuous mode
[  271.749993][ T7159] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.763727][ T7159] Cannot create hsr debugfs directory
[  272.141775][ T7159] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.242650][ T7159] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.403338][ T7159] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.601615][ T7159] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.708589][ T5357] Bluetooth: hci7: command tx timeout
[  272.813114][ T7159] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  272.821910][ T7159] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  272.837469][ T7159] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  272.856353][ T7159] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  272.979112][   T35] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  272.982698][   T35] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  272.988896][   T35] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  273.042998][ T7159] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.078259][ T7159] 8021q: adding VLAN 0 to HW filter on device team0
[  273.093970][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.097303][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.112687][   T84] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.116202][   T84] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.340270][ T7159] 8021q: adding VLAN 0 to HW filter on device batadv0
[  273.385951][ T7159] veth0_vlan: entered promiscuous mode
[  273.396953][ T7159] veth1_vlan: entered promiscuous mode
[  273.438612][ T7159] veth0_macvtap: entered promiscuous mode
[  273.445066][ T7159] veth1_macvtap: entered promiscuous mode
[  273.460394][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.465047][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.470125][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.474471][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.479555][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.484175][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.488688][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.493127][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.497129][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.503294][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.507413][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.512484][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.519650][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.524003][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.528072][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.532996][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.540594][ T7159] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.550707][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.554913][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.560405][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.564957][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.569217][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.573637][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.577881][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.583277][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.587500][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.592420][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.596606][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.601262][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.605010][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.609171][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.612406][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.617732][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.624232][ T7159] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.635512][ T7159] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.640055][ T7159] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.644302][ T7159] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.647971][ T7159] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.740772][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.745090][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.783078][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.787161][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.300200][    T8] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  274.304125][    T8] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  274.322379][    T8] hid-generic 0000:0000:0000.000E: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  274.798635][ T5357] Bluetooth: hci7: command tx timeout
[  276.870338][ T5357] Bluetooth: hci7: command tx timeout
[  278.415565][ T7222] netlink: 48 bytes leftover after parsing attributes in process `syz.0.446'.
[  278.419427][ T7222] netlink: 24 bytes leftover after parsing attributes in process `syz.0.446'.
[  278.632718][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  278.640124][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  278.948526][ T5357] Bluetooth: hci7: command tx timeout
[  280.978171][    C3] vkms_vblank_simulate: vblank timer overrun
[  282.853528][    C3] vkms_vblank_simulate: vblank timer overrun
[  283.283229][ T5366] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  283.287948][ T5366] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  283.292130][ T5366] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  283.296999][ T5366] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  283.301236][ T5366] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  283.304771][ T5366] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  283.823700][ T7243] chnl_net:caif_netlink_parms(): no params data found
[  284.101356][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.107781][ T7243] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.111363][ T7243] bridge_slave_0: entered allmulticast mode
[  284.120629][ T7243] bridge_slave_0: entered promiscuous mode
[  284.137422][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.148435][ T7243] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.151933][ T7243] bridge_slave_1: entered allmulticast mode
[  284.156356][ T7243] bridge_slave_1: entered promiscuous mode
[  284.402174][ T7243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.411741][ T7243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.627407][ T7243] team0: Port device team_slave_0 added
[  284.635997][ T7243] team0: Port device team_slave_1 added
[  284.690200][ T5357] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  284.698264][ T5357] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  284.708863][ T5357] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  284.743220][ T5357] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  284.748110][ T5357] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  284.760028][ T5357] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  284.895960][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.900352][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.919191][ T7243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.144625][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.147693][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.178357][ T7243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.358571][ T5357] Bluetooth: hci8: command tx timeout
[  285.679500][ T7243] hsr_slave_0: entered promiscuous mode
[  285.703512][ T7243] hsr_slave_1: entered promiscuous mode
[  285.709032][ T7243] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  285.712408][ T7243] Cannot create hsr debugfs directory
[  286.234485][ T7259] chnl_net:caif_netlink_parms(): no params data found
[  286.624423][ T7243] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.849661][ T7243] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.881649][ T5357] Bluetooth: hci9: command tx timeout
[  287.450442][ T5357] Bluetooth: hci8: command tx timeout
[  288.391121][ T7243] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.588826][ T5366] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  288.605244][ T5366] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  288.613638][ T5366] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  288.614004][ T7259] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.648979][ T5366] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  288.653593][ T5366] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  288.657807][ T5366] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  288.739536][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.742873][ T7259] bridge_slave_0: entered allmulticast mode
[  288.773296][ T7259] bridge_slave_0: entered promiscuous mode
[  288.805241][ T7243] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.828736][ T7259] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.832221][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.835587][ T7259] bridge_slave_1: entered allmulticast mode
[  288.861272][ T7259] bridge_slave_1: entered promiscuous mode
[  288.955038][ T5366] Bluetooth: hci9: command tx timeout
[  289.101220][ T7259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.124843][ T7259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.322116][ T7259] team0: Port device team_slave_0 added
[  289.353553][ T7259] team0: Port device team_slave_1 added
[  289.497588][ T7243] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  289.511898][ T7243] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  289.518477][ T5366] Bluetooth: hci8: command tx timeout
[  289.577387][ T7259] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.588349][ T7259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.609051][ T7259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.658747][ T7243] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  289.676217][ T7243] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  289.709062][ T7259] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.713004][ T7259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.759275][ T7259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.965050][ T7259] hsr_slave_0: entered promiscuous mode
[  289.978243][ T7259] hsr_slave_1: entered promiscuous mode
[  289.990211][ T7259] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.993470][ T7259] Cannot create hsr debugfs directory
[  290.626469][ T7274] chnl_net:caif_netlink_parms(): no params data found
[  290.646048][ T7243] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.708766][ T5366] Bluetooth: hci12: command tx timeout
[  290.818968][ T7259] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.897781][ T7243] 8021q: adding VLAN 0 to HW filter on device team0
[  290.929831][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.942956][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.952762][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.956302][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.014272][ T7259] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.028594][ T5366] Bluetooth: hci9: command tx timeout
[  291.247042][ T7259] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.346143][ T7274] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.355654][ T7274] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.361981][ T7274] bridge_slave_0: entered allmulticast mode
[  291.369850][ T7274] bridge_slave_0: entered promiscuous mode
[  291.425567][ T7259] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.529020][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.532279][ T7274] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.546105][ T7274] bridge_slave_1: entered allmulticast mode
[  291.551486][ T7274] bridge_slave_1: entered promiscuous mode
[  291.588706][ T5366] Bluetooth: hci8: command tx timeout
[  291.754073][ T7274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.777794][ T7274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.984249][ T7274] team0: Port device team_slave_0 added
[  292.041958][ T7274] team0: Port device team_slave_1 added
[  292.271411][ T7274] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.275466][ T7274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.328433][ T7274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.335830][ T7274] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.350242][ T7274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.389131][ T7274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.407842][ T7259] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  292.489865][ T7259] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  292.615388][ T7243] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.630012][ T7259] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  292.690245][ T7274] hsr_slave_0: entered promiscuous mode
[  292.693816][ T7274] hsr_slave_1: entered promiscuous mode
[  292.697446][ T7274] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  292.702254][ T7274] Cannot create hsr debugfs directory
[  292.705698][ T7259] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  292.789209][ T5366] Bluetooth: hci12: command tx timeout
[  293.093376][ T7274] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.108525][ T5366] Bluetooth: hci9: command tx timeout
[  293.140026][ T7243] veth0_vlan: entered promiscuous mode
[  293.164868][ T7243] veth1_vlan: entered promiscuous mode
[  293.248084][ T7259] 8021q: adding VLAN 0 to HW filter on device bond0
[  293.267562][ T7259] 8021q: adding VLAN 0 to HW filter on device team0
[  293.315004][ T7259] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  293.319337][ T7259] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  293.448255][ T7274] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.483171][ T7243] veth0_macvtap: entered promiscuous mode
[  293.494211][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.497485][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.504597][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.507663][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.544459][ T7243] veth1_macvtap: entered promiscuous mode
[  293.580174][ T7274] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.608783][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  293.650684][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.655072][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.669893][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.674981][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.691979][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.708941][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.714123][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.730187][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.735672][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.758874][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.763599][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.778354][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.782630][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.787307][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.808400][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.812743][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.816736][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.828343][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.842078][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.860395][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.864921][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.870013][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.874875][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.879424][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.884695][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.889552][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.899865][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.904009][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.910513][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.914721][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.920138][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.924586][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.929488][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.935066][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.939315][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.943867][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.949877][    T8] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  293.951896][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.961387][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.969214][ T7243] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.973476][ T7243] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.978705][    T8] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  293.983450][    T8] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  293.989449][ T7243] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.989529][ T7243] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.010197][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.036588][ T7306] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  294.057143][    T8] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  294.061837][ T7274] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.338948][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.342681][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.391060][    T8] usb 5-1: USB disconnect, device number 7
[  294.568044][ T7259] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.601509][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.601612][ T7274] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  294.605010][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.651969][ T7274] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  294.671349][ T7274] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  294.703091][ T7274] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  294.795296][ T7259] veth0_vlan: entered promiscuous mode
[  294.834311][ T7259] veth1_vlan: entered promiscuous mode
[  294.878952][ T5366] Bluetooth: hci12: command tx timeout
[  294.892388][ T7259] veth0_macvtap: entered promiscuous mode
[  294.907659][ T7259] veth1_macvtap: entered promiscuous mode
[  294.950952][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.955826][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.970062][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.974651][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.986746][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.991738][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.996103][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.009404][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.013948][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.038441][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.042436][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.046838][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.068579][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.072921][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.076781][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.088364][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.092266][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.096531][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.118427][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.123865][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.141266][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_0
[  295.172859][ T7274] 8021q: adding VLAN 0 to HW filter on device bond0
[  295.178147][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.191740][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.196027][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.212403][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.219725][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.228731][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.233310][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.240452][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.244683][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.251142][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.265958][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.273616][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.277416][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.282223][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.286239][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.290843][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.295034][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.308440][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.327498][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.339389][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.346705][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_1
[  295.392882][ T7259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.397769][ T7259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.418403][ T7259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.422301][ T7259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.522793][ T7274] 8021q: adding VLAN 0 to HW filter on device team0
[  295.592926][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.595976][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  295.681207][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.684834][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  295.903936][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.913064][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.987376][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.998575][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.801435][ T7274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.934125][ T7274] veth0_vlan: entered promiscuous mode
[  296.948936][ T5366] Bluetooth: hci12: command tx timeout
[  296.955027][ T7274] veth1_vlan: entered promiscuous mode
[  297.000938][ T7274] veth0_macvtap: entered promiscuous mode
[  297.007509][ T7274] veth1_macvtap: entered promiscuous mode
[  297.021596][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.026063][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.028891][ T5896] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  297.030504][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.038269][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.043045][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.047414][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.052120][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.056688][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.061142][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.066922][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.077923][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.083227][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.086954][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.091496][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.095853][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.100339][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.104513][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.111479][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.115965][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.120711][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.124962][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.129813][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.136197][ T7274] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.142022][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.147152][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.152163][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.160944][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.165978][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.172371][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.176788][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.181711][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.185856][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.194373][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.199261][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.203352][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.207205][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.208386][ T5896] usb 6-1: Using ep0 maxpacket: 32
[  297.213011][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.219217][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.224904][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.231079][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.236778][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.236945][ T5896] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  297.241915][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.245046][ T5896] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  297.251513][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.265951][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.275808][ T5896] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  297.276154][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.285931][ T5896] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  297.289170][ T7274] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.296637][ T5896] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  297.312822][ T5896] usb 6-1: config 0 interface 0 has no altsetting 0
[  297.321236][ T7274] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.323393][ T5896] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  297.324966][ T7274] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.324993][ T7274] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.349563][ T5896] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  297.353839][ T5896] usb 6-1: Product: syz
[  297.355607][ T5896] usb 6-1: Manufacturer: syz
[  297.357616][ T5896] usb 6-1: SerialNumber: syz
[  297.358545][ T7274] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.369303][ T5896] usb 6-1: config 0 descriptor??
[  297.376656][ T5896] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  297.384642][ T5896] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  297.477106][ T7330] overlayfs: failed to resolve './file1': -2
[  297.601295][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.605540][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.624189][ T7324] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90
[  297.683712][ T5896] usb 6-1: USB disconnect, device number 5
[  297.700940][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.701387][ T5896] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  297.718670][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.754098][ T5366] Bluetooth: hci9: command 0x0406 tx timeout
[  304.718419][   T35] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  304.908386][   T35] usb 8-1: Using ep0 maxpacket: 8
[  304.924082][   T35] usb 8-1: config 0 has no interfaces?
[  304.949245][   T35] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  304.956387][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.978433][   T35] usb 8-1: Product: syz
[  304.980124][   T35] usb 8-1: Manufacturer: syz
[  304.982440][   T35] usb 8-1: SerialNumber: syz
[  304.999406][   T35] usb 8-1: config 0 descriptor??
[  305.327747][ T7378] FAULT_INJECTION: forcing a failure.
[  305.327747][ T7378] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  305.398361][ T7378] CPU: 2 UID: 0 PID: 7378 Comm: syz.3.474 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  305.403023][ T7378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.407193][ T7378] Call Trace:
[  305.408882][ T7378]  <TASK>
[  305.410503][ T7378]  dump_stack_lvl+0x16c/0x1f0
[  305.412526][ T7378]  should_fail_ex+0x497/0x5b0
[  305.414504][ T7378]  ? fs_reclaim_acquire+0xae/0x160
[  305.416957][ T7378]  should_fail_alloc_page+0xe7/0x130
[  305.419574][ T7378]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  305.422650][ T7378]  __alloc_pages_noprof+0x194/0x2460
[  305.424870][ T7378]  ? copy_splice_read+0x1a8/0xb80
[  305.427257][ T7378]  ? stack_trace_save+0x95/0xd0
[  305.429310][ T7378]  ? __pfx_stack_trace_save+0x10/0x10
[  305.431849][ T7378]  ? stack_depot_save_flags+0x28/0x900
[  305.434645][ T7378]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  305.437068][ T7378]  ? copy_splice_read+0x1a8/0xb80
[  305.439241][ T7378]  ? kasan_save_stack+0x33/0x60
[  305.441313][ T7378]  ? kasan_save_track+0x14/0x30
[  305.443403][ T7378]  ? __kasan_kmalloc+0xaa/0xb0
[  305.445405][ T7378]  ? __kmalloc_noprof+0x1e8/0x410
[  305.447519][ T7378]  ? copy_splice_read+0x1a8/0xb80
[  305.449650][ T7378]  ? do_splice_read+0x294/0x380
[  305.451699][ T7378]  ? splice_direct_to_actor+0x2a4/0xa40
[  305.454020][ T7378]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.456716][ T7378]  alloc_pages_bulk_noprof+0x742/0x14f0
[  305.459049][ T7378]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  305.461549][ T7378]  ? trace_kmalloc+0x2d/0xe0
[  305.463673][ T7378]  ? __kmalloc_noprof+0x207/0x410
[  305.466021][ T7378]  copy_splice_read+0x1e3/0xb80
[  305.468085][ T7378]  ? look_up_lock_class+0x68/0x140
[  305.470252][ T7378]  ? __pfx_copy_splice_read+0x10/0x10
[  305.472488][ T7378]  ? __pfx_register_lock_class+0x10/0x10
[  305.474883][ T7378]  ? __pfx_copy_splice_read+0x10/0x10
[  305.477151][ T7378]  do_splice_read+0x294/0x380
[  305.479133][ T7378]  splice_direct_to_actor+0x2a4/0xa40
[  305.481367][ T7378]  ? __pfx_direct_splice_actor+0x10/0x10
[  305.483753][ T7378]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  305.486240][ T7378]  ? __fget_files+0x24c/0x400
[  305.488474][ T7378]  ? __pfx_lock_release+0x10/0x10
[  305.490598][ T7378]  do_splice_direct+0x17e/0x250
[  305.492646][ T7378]  ? __pfx_do_splice_direct+0x10/0x10
[  305.494925][ T7378]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  305.498586][ T7378]  do_sendfile+0xb1e/0xe50
[  305.500508][ T7378]  ? __pfx_do_sendfile+0x10/0x10
[  305.502618][ T7378]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  305.505007][ T7378]  ? ksys_write+0x1ab/0x260
[  305.506918][ T7378]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  305.509518][ T7378]  __do_fast_syscall_32+0x73/0x120
[  305.511673][ T7378]  do_fast_syscall_32+0x32/0x80
[  305.513693][ T7378]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.516312][ T7378] RIP: 0023:0xf740e579
[  305.518031][ T7378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  305.525445][ T7378] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  305.528937][ T7378] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000000009
[  305.531839][ T7378] RDX: 0000000000000000 RSI: 0000000000007fff RDI: 0000000000000000
[  305.534769][ T7378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.537976][ T7378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  305.541254][ T7378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.544240][ T7378]  </TASK>
[  305.688414][   T57] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  305.726621][  T833] usb 8-1: USB disconnect, device number 8
[  305.868427][   T57] usb 7-1: Using ep0 maxpacket: 8
[  305.885648][   T57] usb 7-1: config 0 has no interfaces?
[  305.928528][   T57] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  305.932629][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.936000][   T57] usb 7-1: Product: syz
[  305.937931][   T57] usb 7-1: Manufacturer: syz
[  305.941515][   T57] usb 7-1: SerialNumber: syz
[  305.952213][   T57] usb 7-1: config 0 descriptor??
[  306.509116][    T8] usb 7-1: USB disconnect, device number 4
[  307.567273][ T7412] overlayfs: failed to resolve './file1': -2
[  308.437943][   T13] bridge_slave_1: left allmulticast mode
[  308.440278][   T13] bridge_slave_1: left promiscuous mode
[  308.442528][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.480330][   T13] bridge_slave_0: left allmulticast mode
[  308.483031][   T13] bridge_slave_0: left promiscuous mode
[  308.485734][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.512738][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  309.550391][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.557210][   T13] bond0 (unregistering): Released all slaves
[  309.702160][ T7441] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'.
[  309.706341][ T7441] FAULT_INJECTION: forcing a failure.
[  309.706341][ T7441] name failslab, interval 1, probability 0, space 0, times 0
[  309.714731][ T7441] CPU: 3 UID: 0 PID: 7441 Comm: syz.2.493 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  309.719616][ T7441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  309.724641][ T7441] Call Trace:
[  309.726441][ T7441]  <TASK>
[  309.727847][ T7441]  dump_stack_lvl+0x16c/0x1f0
[  309.730458][ T7441]  should_fail_ex+0x497/0x5b0
[  309.733333][ T7441]  should_failslab+0xc2/0x120
[  309.735720][ T7441]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  309.738522][ T7441]  ? skb_clone+0x190/0x3f0
[  309.741080][ T7441]  skb_clone+0x190/0x3f0
[  309.743178][ T7441]  netlink_deliver_tap+0xb26/0xcf0
[  309.745875][ T7441]  netlink_unicast+0x6b4/0x7f0
[  309.748528][ T7441]  ? __pfx_netlink_unicast+0x10/0x10
[  309.751759][ T7441]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  309.754902][ T7441]  netlink_ack+0x6a5/0xb20
[  309.757399][ T7441]  netlink_rcv_skb+0x327/0x410
[  309.760125][ T7441]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  309.763046][ T7441]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  309.765723][ T7441]  ? netlink_deliver_tap+0x1ae/0xcf0
[  309.768566][ T7441]  netlink_unicast+0x53c/0x7f0
[  309.771066][ T7441]  ? __pfx_netlink_unicast+0x10/0x10
[  309.773905][ T7441]  ? __phys_addr_symbol+0x30/0x80
[  309.777037][ T7441]  ? __check_object_size+0x497/0x720
[  309.780316][ T7441]  netlink_sendmsg+0x8b8/0xd70
[  309.783297][ T7441]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.786556][ T7441]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  309.789788][ T7441]  ____sys_sendmsg+0x9b4/0xb50
[  309.792734][ T7441]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.796007][ T7441]  ? get_compat_msghdr+0x11b/0x170
[  309.799051][ T7441]  ? __pfx___lock_acquire+0x10/0x10
[  309.802117][ T7441]  ___sys_sendmsg+0x135/0x1e0
[  309.804986][ T7441]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.808193][ T7441]  ? ksys_write+0x21c/0x260
[  309.810890][ T7441]  ? __fget_light+0x173/0x210
[  309.813612][ T7441]  __sys_sendmsg+0x117/0x1f0
[  309.816247][ T7441]  ? __pfx___sys_sendmsg+0x10/0x10
[  309.818524][ T7441]  __do_fast_syscall_32+0x73/0x120
[  309.820707][ T7441]  do_fast_syscall_32+0x32/0x80
[  309.822842][ T7441]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  309.826079][ T7441] RIP: 0023:0xf7fc8579
[  309.827925][ T7441] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  309.837497][ T7441] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  309.841222][ T7441] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  309.845006][ T7441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.849207][ T7441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  309.852472][ T7441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  309.857289][ T7441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  309.861574][ T7441]  </TASK>
[  310.123156][ T7450] netlink: 24 bytes leftover after parsing attributes in process `syz.3.496'.
[  310.407217][   T13] hsr_slave_0: left promiscuous mode
[  310.423199][   T13] hsr_slave_1: left promiscuous mode
[  310.445003][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.459061][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.476364][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.484077][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.637759][   T13] veth1_macvtap: left promiscuous mode
[  310.640563][   T13] veth0_macvtap: left promiscuous mode
[  310.643296][   T13] veth1_vlan: left promiscuous mode
[  310.646774][   T13] veth0_vlan: left promiscuous mode
[  312.121867][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.311019][    T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  312.518433][    T8] usb 5-1: Using ep0 maxpacket: 16
[  312.523499][    T8] usb 5-1: config 0 has no interfaces?
[  312.526223][    T8] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  312.536020][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.549659][    T8] usb 5-1: config 0 descriptor??
[  313.000320][ T7471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  313.006420][ T7471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.392262][   T13] team0 (unregistering): Port device team_slave_1 removed
[  313.578238][   T13] team0 (unregistering): Port device team_slave_0 removed
[  314.700208][ T5505] usb 5-1: USB disconnect, device number 8
[  315.643899][   T13] IPVS: stop unused estimator thread 0...
[  316.024462][ T7501] netlink: 392 bytes leftover after parsing attributes in process `syz.2.507'.
[  316.998422][ T5896] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  317.198377][ T5896] usb 5-1: Using ep0 maxpacket: 16
[  317.212402][ T5896] usb 5-1: config 0 has no interfaces?
[  317.215464][ T5896] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  317.237851][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.255754][ T5896] usb 5-1: config 0 descriptor??
[  317.720152][ T7514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.729255][ T7514] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  318.159168][ T5505] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  318.350202][ T5505] usb 8-1: Using ep0 maxpacket: 32
[  318.356006][ T5505] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  318.362798][ T5505] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  318.373104][ T5505] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  318.382622][ T5505] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  318.388848][ T5505] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  318.401816][ T5505] usb 8-1: config 0 interface 0 has no altsetting 0
[  318.408078][ T5505] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  318.413872][ T5505] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  318.422608][ T5505] usb 8-1: Product: syz
[  318.425763][ T5505] usb 8-1: Manufacturer: syz
[  318.429077][ T5505] usb 8-1: SerialNumber: syz
[  318.441586][ T5505] usb 8-1: config 0 descriptor??
[  318.449981][ T5505] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  318.455878][ T5505] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  318.498490][ T7548] netlink: 48 bytes leftover after parsing attributes in process `syz.2.520'.
[  318.515053][ T7548] netlink: 24 bytes leftover after parsing attributes in process `syz.2.520'.
[  318.594611][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.520'.
[  318.612050][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.520'.
[  318.860817][ T7535] ldusb 8-1:0.0: Couldn't submit interrupt_in_urb -90
[  318.993325][ T5896] usb 8-1: USB disconnect, device number 9
[  318.997710][ T5896] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  319.289567][ T5397] usb 5-1: USB disconnect, device number 9
[  319.623652][ T7553] overlayfs: failed to resolve './file1': -2
[  319.988900][ T5357] Bluetooth: hci12: Controller not accepting commands anymore: ncmd = 0
[  319.992980][ T5357] Bluetooth: hci12: Injecting HCI hardware error event
[  319.997374][ T5366] Bluetooth: hci12: hardware error 0x00
[  321.103336][ T7583] netlink: 48 bytes leftover after parsing attributes in process `syz.2.531'.
[  321.117743][ T7583] netlink: 24 bytes leftover after parsing attributes in process `syz.2.531'.
[  321.245516][ T7581] can0: slcan on ttyprintk.
[  321.314855][ T7583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'.
[  321.338545][ T7583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'.
[  321.598473][ T5896] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  321.638593][   T57] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  321.798586][ T5896] usb 8-1: Using ep0 maxpacket: 8
[  321.802921][ T5896] usb 8-1: config 0 has no interfaces?
[  321.805515][ T5896] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  321.814728][ T5896] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.828853][   T57] usb 6-1: Using ep0 maxpacket: 16
[  321.840079][   T57] usb 6-1: config 0 has no interfaces?
[  321.842403][   T57] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  321.846154][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.851449][ T5896] usb 8-1: config 0 descriptor??
[  321.902454][   T57] usb 6-1: config 0 descriptor??
[  322.078775][ T5366] Bluetooth: hci12: Opcode 0x0c03 failed: -110
[  322.103594][ T5896] usb 8-1: string descriptor 0 read error: -71
[  322.119270][ T5896] usb 8-1: USB disconnect, device number 10
[  322.403324][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  322.404813][ T7585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  322.406995][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  322.449796][ T7601] netlink: 24 bytes leftover after parsing attributes in process `syz.2.533'.
[  322.519609][ T7585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  322.567132][ T7580] can0 (unregistered): slcan off ttyprintk.
[  323.572119][ T7634] overlayfs: failed to resolve './file1': -2
[  324.026399][  T833] usb 6-1: USB disconnect, device number 6
[  324.193437][ T7644] netlink: 48 bytes leftover after parsing attributes in process `syz.0.541'.
[  324.198000][ T7644] netlink: 24 bytes leftover after parsing attributes in process `syz.0.541'.
[  324.434814][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.541'.
[  324.438908][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.541'.
[  325.108673][ T5357] Bluetooth: hci8: command 0x0406 tx timeout
[  327.859305][ T7675] netlink: 48 bytes leftover after parsing attributes in process `syz.0.551'.
[  327.863156][ T7675] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'.
[  328.047145][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'.
[  328.051164][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'.
[  328.265068][ T5505] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  328.279723][ T5505] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  328.299393][ T5505] hid-generic 0000:0000:0000.000F: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  328.865864][ T7689] input: syz0 as /devices/virtual/input/input8
[  329.599623][  T833] IPVS: starting estimator thread 0...
[  329.702772][ T7697] IPVS: using max 20 ests per chain, 48000 per kthread
[  331.902412][ T7720] netlink: 48 bytes leftover after parsing attributes in process `syz.1.564'.
[  331.906180][ T7720] netlink: 24 bytes leftover after parsing attributes in process `syz.1.564'.
[  332.329975][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'.
[  332.333914][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'.
[  333.073331][ T7733] overlayfs: failed to resolve './file0': -2
[  333.100109][ T7734] overlayfs: failed to resolve './file1': -2
[  335.217932][ T7757] dccp_xmit_packet: Payload too large (65475) for featneg.
[  335.230050][ T7763] hugetlbfs: Bad value 'A' for mount option 'nr_inodes'
[  335.230050][ T7763] 
[  335.290367][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  335.358208][ T5397] IPVS: starting estimator thread 0...
[  335.398757][ T7767] veth0_vlan: left promiscuous mode
[  335.404906][ T7767] veth0_vlan: entered promiscuous mode
[  335.468536][ T7766] IPVS: using max 22 ests per chain, 52800 per kthread
[  335.509089][   T35] usb 6-1: Using ep0 maxpacket: 32
[  335.513114][   T35] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  335.516468][   T35] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  335.538263][   T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  335.543543][   T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  335.547940][   T35] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  335.578792][   T35] usb 6-1: config 0 interface 0 has no altsetting 0
[  335.594107][   T35] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  335.598231][   T35] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  335.613724][   T35] usb 6-1: Product: syz
[  335.615535][   T35] usb 6-1: Manufacturer: syz
[  335.617402][   T35] usb 6-1: SerialNumber: syz
[  335.631440][   T35] usb 6-1: config 0 descriptor??
[  335.636808][   T35] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  335.652615][   T35] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  335.863572][ T7758] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90
[  335.892299][   T35] usb 6-1: USB disconnect, device number 7
[  335.899123][   T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  337.690957][ T7798] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  338.359196][ T5505] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  338.551245][ T5505] usb 6-1: Using ep0 maxpacket: 32
[  338.556673][ T5505] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  338.568354][ T5505] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  338.572518][ T5505] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  338.576690][ T5505] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  338.588780][ T5505] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  338.594240][ T5505] usb 6-1: config 0 interface 0 has no altsetting 0
[  338.614773][ T5505] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  338.638450][ T5505] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  338.643064][ T5505] usb 6-1: Product: syz
[  338.645075][ T5505] usb 6-1: Manufacturer: syz
[  338.647150][ T5505] usb 6-1: SerialNumber: syz
[  338.662483][ T5505] usb 6-1: config 0 descriptor??
[  338.669216][ T5505] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  338.678649][ T5505] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  338.798482][ T5896] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  338.871030][ T7803] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90
[  338.896613][   T35] usb 6-1: USB disconnect, device number 8
[  338.905648][   T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  338.978832][ T5896] usb 7-1: Using ep0 maxpacket: 16
[  338.993836][ T5896] usb 7-1: config 0 has no interfaces?
[  338.996529][ T5896] usb 7-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  339.008672][ T5896] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.015074][ T5896] usb 7-1: config 0 descriptor??
[  339.463960][ T7809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  339.471406][ T7809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  339.691035][ T7823] program syz.1.596 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  340.602937][ T7841] overlayfs: failed to resolve './file1': -2
[  341.322040][ T5505] usb 7-1: USB disconnect, device number 5
[  341.727485][ T7850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.604'.
[  342.180789][ T7861] FAULT_INJECTION: forcing a failure.
[  342.180789][ T7861] name failslab, interval 1, probability 0, space 0, times 0
[  342.186112][ T7861] CPU: 3 UID: 0 PID: 7861 Comm: syz.3.608 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  342.190599][ T7861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.195114][ T7861] Call Trace:
[  342.196548][ T7861]  <TASK>
[  342.197803][ T7861]  dump_stack_lvl+0x16c/0x1f0
[  342.199565][ T7861]  should_fail_ex+0x497/0x5b0
[  342.201624][ T7861]  ? fs_reclaim_acquire+0xae/0x160
[  342.203835][ T7861]  should_failslab+0xc2/0x120
[  342.205883][ T7861]  __kmalloc_noprof+0xcb/0x410
[  342.209483][ T7861]  ? __pfx_lock_acquire+0x10/0x10
[  342.211597][ T7861]  tomoyo_realpath_from_path+0xbf/0x710
[  342.213881][ T7861]  ? tomoyo_profile+0x47/0x60
[  342.215874][ T7861]  tomoyo_path_number_perm+0x245/0x5b0
[  342.218243][ T7861]  ? tomoyo_path_number_perm+0x232/0x5b0
[  342.220664][ T7861]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  342.223268][ T7861]  ? __pfx_lock_release+0x10/0x10
[  342.225501][ T7861]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  342.228090][ T7861]  ? __fget_files+0x256/0x400
[  342.230143][ T7861]  security_file_ioctl_compat+0x75/0xc0
[  342.232539][ T7861]  __do_compat_sys_ioctl+0x5d/0x330
[  342.234823][ T7861]  __do_fast_syscall_32+0x73/0x120
[  342.237029][ T7861]  do_fast_syscall_32+0x32/0x80
[  342.239155][ T7861]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.241865][ T7861] RIP: 0023:0xf740e579
[  342.243646][ T7861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.251864][ T7861] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  342.256192][ T7861] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000005414
[  342.259714][ T7861] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.263110][ T7861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.266536][ T7861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.270052][ T7861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.273484][ T7861]  </TASK>
[  342.284348][ T7861] ERROR: Out of memory at tomoyo_realpath_from_path.
[  343.771021][ T7878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.614'.
[  344.328006][ T7880] FAULT_INJECTION: forcing a failure.
[  344.328006][ T7880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.348727][ T7880] CPU: 3 UID: 0 PID: 7880 Comm: syz.0.615 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  344.353305][ T7880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  344.357598][ T7880] Call Trace:
[  344.358959][ T7880]  <TASK>
[  344.360206][ T7880]  dump_stack_lvl+0x16c/0x1f0
[  344.362158][ T7880]  should_fail_ex+0x497/0x5b0
[  344.364171][ T7880]  _copy_to_user+0x30/0xc0
[  344.366039][ T7880]  simple_read_from_buffer+0xd0/0x160
[  344.368344][ T7880]  proc_fail_nth_read+0x19e/0x280
[  344.371134][ T7880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  344.373927][ T7880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  344.376739][ T7880]  vfs_read+0x1d4/0xbd0
[  344.379002][ T7880]  ? __fdget_pos+0xeb/0x180
[  344.381183][ T7880]  ? __pfx_vfs_read+0x10/0x10
[  344.383675][ T7880]  ? __pfx___mutex_lock+0x10/0x10
[  344.386014][ T7880]  ? __fget_files+0x256/0x400
[  344.388058][ T7880]  ksys_read+0x12f/0x260
[  344.389920][ T7880]  ? __pfx_ksys_read+0x10/0x10
[  344.391920][ T7880]  __do_fast_syscall_32+0x73/0x120
[  344.394194][ T7880]  do_fast_syscall_32+0x32/0x80
[  344.396356][ T7880]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  344.399466][ T7880] RIP: 0023:0xf739e579
[  344.401285][ T7880] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  344.409755][ T7880] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  344.413519][ T7880] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620
[  344.416963][ T7880] RDX: 000000000000000f RSI: 00000000f738fff4 RDI: 0000000000000000
[  344.420728][ T7880] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  344.424255][ T7880] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  344.427957][ T7880] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  344.431434][ T7880]  </TASK>
[  344.452804][   T39] kauditd_printk_skb: 7 callbacks suppressed
[  344.452817][   T39] audit: type=1326 audit(1725780269.114:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.504051][   T39] audit: type=1326 audit(1725780269.114:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.538396][   T39] audit: type=1326 audit(1725780269.124:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.559009][   T39] audit: type=1326 audit(1725780269.124:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.605205][   T39] audit: type=1326 audit(1725780269.124:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.671329][   T39] audit: type=1326 audit(1725780269.124:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.709043][   T39] audit: type=1326 audit(1725780269.124:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.717032][   T39] audit: type=1326 audit(1725780269.134:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.736361][   T39] audit: type=1326 audit(1725780269.134:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  344.744400][   T39] audit: type=1326 audit(1725780269.134:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000
[  346.101841][ T7907] FAULT_INJECTION: forcing a failure.
[  346.101841][ T7907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.109288][ T7907] CPU: 1 UID: 0 PID: 7907 Comm: syz.0.621 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  346.114943][ T7907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.121769][ T7907] Call Trace:
[  346.123167][ T7907]  <TASK>
[  346.124424][ T7907]  dump_stack_lvl+0x16c/0x1f0
[  346.126433][ T7907]  should_fail_ex+0x497/0x5b0
[  346.128392][ T7907]  _copy_from_user+0x30/0xf0
[  346.130334][ T7907]  get_compat_msghdr+0xa8/0x170
[  346.132506][ T7907]  ? __pfx_get_compat_msghdr+0x10/0x10
[  346.134819][ T7907]  ? find_held_lock+0x2d/0x110
[  346.136815][ T7907]  ___sys_recvmsg+0x193/0x1a0
[  346.152275][ T7907]  ? __pfx____sys_recvmsg+0x10/0x10
[  346.154458][ T7907]  ? __fget_light+0x173/0x210
[  346.156519][ T7907]  __sys_recvmsg+0x114/0x1e0
[  346.165758][ T7907]  ? __pfx___sys_recvmsg+0x10/0x10
[  346.167939][ T7907]  __do_fast_syscall_32+0x73/0x120
[  346.170127][ T7907]  do_fast_syscall_32+0x32/0x80
[  346.172188][ T7907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.175013][ T7907] RIP: 0023:0xf739e579
[  346.176796][ T7907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.184878][ T7907] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000174
[  346.188347][ T7907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  346.191732][ T7907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  346.194861][ T7907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.197772][ T7907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.200992][ T7907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.204324][ T7907]  </TASK>
[  346.700689][ T7920] FAULT_INJECTION: forcing a failure.
[  346.700689][ T7920] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.766540][ T7920] CPU: 3 UID: 0 PID: 7920 Comm: syz.0.626 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  346.771787][ T7920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.776708][ T7920] Call Trace:
[  346.778359][ T7920]  <TASK>
[  346.779720][ T7920]  dump_stack_lvl+0x16c/0x1f0
[  346.781813][ T7920]  should_fail_ex+0x497/0x5b0
[  346.784004][ T7920]  _copy_from_user+0x30/0xf0
[  346.786060][ T7920]  move_addr_to_kernel+0x68/0x160
[  346.788329][ T7920]  __sys_sendto+0x169/0x4e0
[  346.790370][ T7920]  ? __pfx___sys_sendto+0x10/0x10
[  346.792634][ T7920]  ? ksys_write+0x1ab/0x260
[  346.794696][ T7920]  ? __pfx_ksys_write+0x10/0x10
[  346.796849][ T7920]  __ia32_sys_sendto+0xdd/0x1b0
[  346.798998][ T7920]  ? lockdep_hardirqs_on+0x7c/0x110
[  346.801271][ T7920]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  346.804141][ T7920]  __do_fast_syscall_32+0x73/0x120
[  346.806296][ T7920]  do_fast_syscall_32+0x32/0x80
[  346.808404][ T7920]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.810848][ T7920] RIP: 0023:0xf739e579
[  346.812436][ T7920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.820180][ T7920] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  346.823807][ T7920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  346.827285][ T7920] RDX: 0000000000000000 RSI: 0000000000008812 RDI: 0000000020000180
[  346.830961][ T7920] RBP: 0000000000000020 R08: 0000000000000000 R09: 0000000000000000
[  346.834314][ T7920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.837886][ T7920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.841291][ T7920]  </TASK>
[  347.478955][  T833] IPVS: starting estimator thread 0...
[  347.601293][ T7931] IPVS: using max 23 ests per chain, 55200 per kthread
[  347.607575][ T7935] netlink: 28 bytes leftover after parsing attributes in process `syz.2.632'.
[  347.752664][ T7941] FAULT_INJECTION: forcing a failure.
[  347.752664][ T7941] name failslab, interval 1, probability 0, space 0, times 0
[  347.758244][ T7941] CPU: 0 UID: 0 PID: 7941 Comm: syz.0.635 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  347.761873][ T7940] Invalid ELF header type: 0 != 1
[  347.762622][ T7941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  347.762646][ T7941] Call Trace:
[  347.762653][ T7941]  <TASK>
[  347.762660][ T7941]  dump_stack_lvl+0x16c/0x1f0
[  347.774145][ T7941]  should_fail_ex+0x497/0x5b0
[  347.775963][ T7941]  ? fs_reclaim_acquire+0xae/0x160
[  347.775984][ T7941]  should_failslab+0xc2/0x120
[  347.775997][ T7941]  __kmalloc_noprof+0xcb/0x410
[  347.776008][ T7941]  ? __pfx_lock_acquire+0x10/0x10
[  347.784586][ T7941]  tomoyo_realpath_from_path+0xbf/0x710
[  347.786954][ T7941]  ? tomoyo_profile+0x47/0x60
[  347.798904][ T7941]  tomoyo_path_number_perm+0x245/0x5b0
[  347.801072][ T7941]  ? tomoyo_path_number_perm+0x232/0x5b0
[  347.802972][ T7941]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  347.805389][ T7941]  ? __pfx_lock_release+0x10/0x10
[  347.807060][ T7941]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  347.809250][ T7941]  ? __fget_files+0x256/0x400
[  347.810847][ T7941]  security_file_ioctl_compat+0x75/0xc0
[  347.812658][ T7941]  __do_compat_sys_ioctl+0x5d/0x330
[  347.814570][ T7941]  __do_fast_syscall_32+0x73/0x120
[  347.816671][ T7941]  do_fast_syscall_32+0x32/0x80
[  347.818578][ T7941]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.821286][ T7941] RIP: 0023:0xf739e579
[  347.822824][ T7941] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  347.830490][ T7941] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  347.833893][ T7941] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040086602
[  347.837200][ T7941] RDX: 0000000020001100 RSI: 0000000000000000 RDI: 0000000000000000
[  347.840564][ T7941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.843642][ T7941] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  347.846786][ T7941] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.849525][ T7941]  </TASK>
[  347.886543][ T7941] ERROR: Out of memory at tomoyo_realpath_from_path.
[  348.244162][ T7957] FAULT_INJECTION: forcing a failure.
[  348.244162][ T7957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.250824][ T7957] CPU: 3 UID: 0 PID: 7957 Comm: syz.0.639 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  348.255368][ T7957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.260225][ T7957] Call Trace:
[  348.261694][ T7957]  <TASK>
[  348.262968][ T7957]  dump_stack_lvl+0x16c/0x1f0
[  348.265587][ T7957]  should_fail_ex+0x497/0x5b0
[  348.267501][ T7957]  ? page_copy_sane+0xcd/0x2d0
[  348.269471][ T7957]  copy_page_from_iter_atomic+0x24c/0xfe0
[  348.271685][ T7957]  ? ext4_da_write_begin+0x221/0x8f0
[  348.274335][ T7957]  ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[  348.277076][ T7957]  ? __pfx_ext4_da_write_begin+0x10/0x10
[  348.279495][ T7957]  generic_perform_write+0x53d/0xaa0
[  348.282272][ T7957]  ? __pfx_generic_perform_write+0x10/0x10
[  348.284818][ T7957]  ? down_write+0x14e/0x200
[  348.286541][ T7957]  ext4_buffered_write_iter+0x11f/0x3d0
[  348.288701][ T7957]  ? __lock_acquire+0xbdd/0x3cb0
[  348.290638][ T7957]  ext4_file_write_iter+0x874/0x1a40
[  348.292536][ T7957]  ? __pfx_lock_acquire+0x10/0x10
[  348.294370][ T7957]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  348.296267][ T7957]  vfs_write+0x6b6/0x1140
[  348.298019][ T7957]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  348.300640][ T7957]  ? __pfx_vfs_write+0x10/0x10
[  348.303103][ T7957]  ? __mutex_unlock_slowpath+0x164/0x650
[  348.306008][ T7957]  ksys_pwrite64+0x176/0x1a0
[  348.308182][ T7957]  ? __pfx_ksys_pwrite64+0x10/0x10
[  348.310334][ T7957]  __do_fast_syscall_32+0x73/0x120
[  348.312626][ T7957]  do_fast_syscall_32+0x32/0x80
[  348.314746][ T7957]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.317235][ T7957] RIP: 0023:0xf739e579
[  348.318960][ T7957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.329369][ T7957] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 00000000000000b5
[  348.333463][ T7957] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[  348.338307][ T7957] RDX: 000000000000fdef RSI: 0000000000e00001 RDI: 0000000000000000
[  348.342349][ T7957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  348.345821][ T7957] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  348.349529][ T7957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.353753][ T7957]  </TASK>
[  348.355159][    C3] vkms_vblank_simulate: vblank timer overrun
[  348.833608][ T7976] FAULT_INJECTION: forcing a failure.
[  348.833608][ T7976] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  348.851091][ T7976] CPU: 2 UID: 0 PID: 7976 Comm: syz.1.645 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  348.855676][ T7976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.860332][ T7976] Call Trace:
[  348.861826][ T7976]  <TASK>
[  348.863148][ T7976]  dump_stack_lvl+0x16c/0x1f0
[  348.865232][ T7976]  should_fail_ex+0x497/0x5b0
[  348.867349][ T7976]  ? fs_reclaim_acquire+0xae/0x160
[  348.869641][ T7976]  should_fail_alloc_page+0xe7/0x130
[  348.871949][ T7976]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  348.874673][ T7976]  ? hlock_class+0x4e/0x130
[  348.876308][ T7976]  __alloc_pages_noprof+0x194/0x2460
[  348.878124][ T7976]  ? __pfx_mark_lock+0x10/0x10
[  348.879937][ T7976]  ? hlock_class+0x4e/0x130
[  348.881927][ T7976]  ? mark_lock+0xb5/0xc60
[  348.883833][ T7976]  ? __kernel_text_address+0xd/0x40
[  348.886264][ T7976]  ? hlock_class+0x4e/0x130
[  348.888261][ T7976]  ? __lock_acquire+0xbdd/0x3cb0
[  348.890232][ T7976]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  348.892747][ T7976]  ? __pfx___lock_acquire+0x10/0x10
[  348.895058][ T7976]  ? __pfx_mark_lock+0x10/0x10
[  348.897206][ T7976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  348.899835][ T7976]  ? policy_nodemask+0xea/0x4e0
[  348.902020][ T7976]  alloc_pages_mpol_noprof+0x275/0x610
[  348.904408][ T7976]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  348.907033][ T7976]  ? find_held_lock+0x2d/0x110
[  348.909168][ T7976]  folio_alloc_mpol_noprof+0x36/0xd0
[  348.911282][ T7976]  vma_alloc_folio_noprof+0xee/0x1b0
[  348.913538][ T7976]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  348.916144][ T7976]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  348.918436][ T7976]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  348.920725][ T7976]  __handle_mm_fault+0x2cf6/0x5400
[  348.922973][ T7976]  ? down_read_trylock+0x1ed/0x3f0
[  348.925094][ T7976]  ? lock_vma_under_rcu+0x1e2/0x8f0
[  348.927310][ T7976]  ? __pfx___handle_mm_fault+0x10/0x10
[  348.929473][ T7976]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  348.931655][ T7976]  handle_mm_fault+0x498/0xa60
[  348.933536][ T7976]  ? spurious_kernel_fault+0x361/0x3c0
[  348.935282][ T7976]  do_user_addr_fault+0x60d/0x13f0
[  348.937234][ T7976]  exc_page_fault+0x5c/0xc0
[  348.939001][ T7976]  asm_exc_page_fault+0x26/0x30
[  348.940922][ T7976] RIP: 0023:0xf7275610
[  348.942769][ T7976] Code: 20 00 00 65 8b 15 14 00 00 00 89 94 24 cc 20 00 00 8b 56 68 85 d2 0f 85 46 01 00 00 c7 46 68 ff ff ff ff 8d 94 24 cc 00 00 00 <89> b4 24 bc 00 00 00 89 54 24 38 89 54 24 34 8d 94 24 cc 20 00 00
[  348.950808][ T7976] RSP: 002b:00000000f57544a0 EFLAGS: 00010246
[  348.953210][ T7976] RAX: 00000000f731e5bc RBX: 00000000f744fff4 RCX: 00000000f57565d4
[  348.956281][ T7976] RDX: 00000000f575456c RSI: 00000000f7456240 RDI: 0000000000000009
[  348.959621][ T7976] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  348.963005][ T7976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  348.966464][ T7976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.969843][ T7976]  </TASK>
[  348.996820][ T7976] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  349.756098][ T7983] xt_connbytes: Forcing CT accounting to be enabled
[  349.760718][ T7985] batadv_slave_0: entered promiscuous mode
[  349.766268][ T7983] Cannot find del_set index 0 as target
[  349.813942][ T7983] batadv_slave_0: left promiscuous mode
[  351.208635][    T8] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  351.221217][ T8018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.657'.
[  351.409331][ T8023] netlink: 48 bytes leftover after parsing attributes in process `syz.2.658'.
[  351.413218][ T8023] netlink: 24 bytes leftover after parsing attributes in process `syz.2.658'.
[  351.428515][ T8022] netlink: 44 bytes leftover after parsing attributes in process `syz.3.659'.
[  351.460459][    T8] usb 6-1: Using ep0 maxpacket: 32
[  351.465359][    T8] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  351.469856][    T8] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  351.474871][    T8] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  351.481184][    T8] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  351.488570][    T8] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  351.494559][    T8] usb 6-1: config 0 interface 0 has no altsetting 0
[  351.503289][    T8] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  351.507390][    T8] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  351.512049][    T8] usb 6-1: Product: syz
[  351.513953][    T8] usb 6-1: Manufacturer: syz
[  351.514423][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.658'.
[  351.515950][    T8] usb 6-1: SerialNumber: syz
[  351.524783][    T8] usb 6-1: config 0 descriptor??
[  351.546206][    T8] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  351.548573][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.658'.
[  351.552091][    T8] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  351.753776][ T8009] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90
[  351.787737][ T8025] ptrace attach of "/syz-executor exec"[7243] was attempted by ""[8025]
[  351.822642][ T5505] usb 6-1: USB disconnect, device number 9
[  351.826071][ T5505] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  354.071830][ T8049] netlink: 'syz.2.668': attribute type 8 has an invalid length.
[  354.077405][ T8049] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.668'.
[  354.218966][ T8051] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[  354.292982][ T5366] Bluetooth: hci9: unexpected event for opcode 0x1003
[  354.305693][ T8054] fuse: Bad value for 'user_id'
[  354.316163][ T8054] fuse: Bad value for 'user_id'
[  354.395754][ T8054] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  354.828657][   T35] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  355.012766][   T35] usb 6-1: Using ep0 maxpacket: 32
[  355.033722][   T35] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  355.043345][   T35] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  355.047736][   T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  355.052642][   T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  355.056686][   T35] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  355.062514][   T35] usb 6-1: config 0 interface 0 has no altsetting 0
[  355.072334][   T35] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  355.076105][   T35] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  355.082898][   T35] usb 6-1: Product: syz
[  355.084649][   T35] usb 6-1: Manufacturer: syz
[  355.087016][   T35] usb 6-1: SerialNumber: syz
[  355.098090][   T35] usb 6-1: config 0 descriptor??
[  355.109285][   T35] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  355.134671][   T35] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  355.342075][ T8056] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90
[  355.363953][   T35] usb 6-1: USB disconnect, device number 10
[  355.379240][   T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  356.137075][ T8073] netlink: 64 bytes leftover after parsing attributes in process `syz.1.676'.
[  356.466882][ T8077] input: syz0 as /devices/virtual/input/input10
[  356.536326][ T8027] udevd[8027]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  357.021998][ T8079] FAULT_INJECTION: forcing a failure.
[  357.021998][ T8079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.027625][ T8079] CPU: 3 UID: 0 PID: 8079 Comm: syz.0.678 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  357.032161][ T8079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  357.036784][ T8079] Call Trace:
[  357.038282][ T8079]  <TASK>
[  357.039576][ T8079]  dump_stack_lvl+0x16c/0x1f0
[  357.041645][ T8079]  should_fail_ex+0x497/0x5b0
[  357.043684][ T8079]  _copy_from_user+0x30/0xf0
[  357.045737][ T8079]  get_compat_msghdr+0xa8/0x170
[  357.047905][ T8079]  ? __pfx_get_compat_msghdr+0x10/0x10
[  357.050332][ T8079]  ? __pfx___lock_acquire+0x10/0x10
[  357.052648][ T8079]  ___sys_sendmsg+0x1b0/0x1e0
[  357.054782][ T8079]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.057028][ T8079]  ? ksys_write+0x21c/0x260
[  357.059037][ T8079]  ? __fget_light+0x173/0x210
[  357.061108][ T8079]  __sys_sendmsg+0x117/0x1f0
[  357.063177][ T8079]  ? __pfx___sys_sendmsg+0x10/0x10
[  357.065455][ T8079]  __do_fast_syscall_32+0x73/0x120
[  357.067699][ T8079]  do_fast_syscall_32+0x32/0x80
[  357.069857][ T8079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  357.072613][ T8079] RIP: 0023:0xf739e579
[  357.074408][ T8079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  357.082551][ T8079] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  357.086157][ T8079] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020006040
[  357.089591][ T8079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  357.093069][ T8079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  357.096528][ T8079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  357.099930][ T8079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  357.103380][ T8079]  </TASK>
[  357.104834][    C3] vkms_vblank_simulate: vblank timer overrun
[  357.299669][ T8083] netlink: 16 bytes leftover after parsing attributes in process `syz.2.680'.
[  358.308972][ T5366] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0
[  358.312572][ T5366] Bluetooth: hci9: Injecting HCI hardware error event
[  358.317758][ T5357] Bluetooth: hci9: hardware error 0x00
[  360.398683][ T5357] Bluetooth: hci9: Opcode 0x0c03 failed: -110
[  362.253737][ T8121] syz.1.692[8121] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  362.253974][ T8121] syz.1.692[8121] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  362.293402][ T8120] FAULT_INJECTION: forcing a failure.
[  362.293402][ T8120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.293494][ T8120] 
[  362.293498][ T8120] ======================================================
[  362.293503][ T8120] WARNING: possible circular locking dependency detected
[  362.293515][ T8120] 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 Not tainted
[  362.293524][ T8120] ------------------------------------------------------
[  362.293529][ T8120] syz.3.693/8120 is trying to acquire lock:
[  362.293536][ T8120] ffffffff8dda75d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70
[  362.293580][ T8120] 
[  362.293580][ T8120] but task is already holding lock:
[  362.293584][ T8120] ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  362.293622][ T8120] 
[  362.293622][ T8120] which lock already depends on the new lock.
[  362.293622][ T8120] 
[  362.293627][ T8120] 
[  362.293627][ T8120] the existing dependency chain (in reverse order) is:
[  362.293631][ T8120] 
[  362.293631][ T8120] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  362.293648][ T8120]        _raw_spin_lock_nested+0x31/0x40
[  362.293666][ T8120]        raw_spin_rq_lock_nested+0x29/0x130
[  362.293685][ T8120]        task_fork_fair+0x73/0x250
[  362.293701][ T8120]        sched_cgroup_fork+0x3cf/0x510
[  362.293715][ T8120]        copy_process+0x4710/0x6f50
[  362.293730][ T8120]        kernel_clone+0xfd/0x960
[  362.293746][ T8120]        user_mode_thread+0xb4/0xf0
[  362.293761][ T8120]        rest_init+0x23/0x2b0
[  362.293773][ T8120]        start_kernel+0x3df/0x4c0
[  362.293792][ T8120]        x86_64_start_reservations+0x18/0x30
[  362.293812][ T8120]        x86_64_start_kernel+0xb2/0xc0
[  362.293830][ T8120]        common_startup_64+0x13e/0x148
[  362.293844][ T8120] 
[  362.293844][ T8120] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  362.293861][ T8120]        _raw_spin_lock_irqsave+0x3a/0x60
[  362.293877][ T8120]        try_to_wake_up+0x9a/0x13e0
[  362.293896][ T8120]        up+0x79/0xb0
[  362.293915][ T8120]        console_unlock+0x23e/0x290
[  362.293937][ T8120]        vga_remove_vgacon+0x90/0xd0
[  362.293954][ T8120]        aperture_remove_conflicting_pci_devices+0x16a/0x1e0
[  362.293979][ T8120]        bochs_pci_probe+0x101/0x1150
[  362.294000][ T8120]        local_pci_probe+0xde/0x1b0
[  362.294021][ T8120]        pci_device_probe+0x29d/0x7b0
[  362.294042][ T8120]        really_probe+0x23e/0xa90
[  362.294063][ T8120]        __driver_probe_device+0x1de/0x440
[  362.294076][ T8120]        driver_probe_device+0x4c/0x1b0
[  362.294089][ T8120]        __driver_attach+0x283/0x580
[  362.294101][ T8120]        bus_for_each_dev+0x13c/0x1d0
[  362.294119][ T8120]        bus_add_driver+0x2e9/0x690
[  362.294139][ T8120]        driver_register+0x15c/0x4b0
[  362.294153][ T8120]        bochs_pci_driver_init+0x67/0x80
[  362.294173][ T8120]        do_one_initcall+0x128/0x630
[  362.294192][ T8120]        kernel_init_freeable+0x660/0xc50
[  362.294211][ T8120]        kernel_init+0x1c/0x2b0
[  362.294223][ T8120]        ret_from_fork+0x45/0x80
[  362.294261][ T8120]        ret_from_fork_asm+0x1a/0x30
[  362.294282][ T8120] 
[  362.294282][ T8120] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[  362.294299][ T8120]        __lock_acquire+0x24ed/0x3cb0
[  362.294318][ T8120]        lock_acquire+0x1b1/0x560
[  362.294335][ T8120]        _raw_spin_lock_irqsave+0x3a/0x60
[  362.294351][ T8120]        down_trylock+0x12/0x70
[  362.294371][ T8120]        __down_trylock_console_sem+0x40/0x140
[  362.294391][ T8120]        vprintk_emit+0x3d3/0x600
[  362.294403][ T8120]        vprintk+0x7f/0xa0
[  362.294416][ T8120]        _printk+0xc8/0x100
[  362.294432][ T8120]        should_fail_ex+0x46c/0x5b0
[  362.294448][ T8120]        copy_to_user_nofault+0x9f/0x1a0
[  362.294485][ T8120]        bpf_probe_write_user+0xaf/0xf0
[  362.294498][ T8120]        bpf_prog_c7763bb3f68e5cb3+0x40/0x42
[  362.294513][ T8120]        bpf_trace_run4+0x245/0x5a0
[  362.294529][ T8120]        __traceiter_sched_switch+0x6c/0xc0
[  362.294550][ T8120]        __schedule+0x17cf/0x5490
[  362.294566][ T8120]        preempt_schedule_common+0x44/0xc0
[  362.294585][ T8120]        preempt_schedule_thunk+0x1a/0x30
[  362.294598][ T8120]        unwind_next_frame+0x1c90/0x23a0
[  362.294612][ T8120]        arch_stack_walk+0x100/0x170
[  362.294626][ T8120]        stack_trace_save+0x95/0xd0
[  362.294641][ T8120]        kasan_save_stack+0x33/0x60
[  362.294655][ T8120]        kasan_save_track+0x14/0x30
[  362.294667][ T8120]        __kasan_kmalloc+0xaa/0xb0
[  362.294678][ T8120]        rtnl_newlink+0x49/0xa0
[  362.294695][ T8120]        rtnetlink_rcv_msg+0x3c7/0xea0
[  362.294709][ T8120]        netlink_rcv_skb+0x165/0x410
[  362.294728][ T8120]        netlink_unicast+0x53c/0x7f0
[  362.294746][ T8120]        netlink_sendmsg+0x8b8/0xd70
[  362.294764][ T8120]        ____sys_sendmsg+0x9b4/0xb50
[  362.294777][ T8120]        ___sys_sendmsg+0x135/0x1e0
[  362.294794][ T8120]        __sys_sendmsg+0x117/0x1f0
[  362.294811][ T8120]        __do_fast_syscall_32+0x73/0x120
[  362.294828][ T8120]        do_fast_syscall_32+0x32/0x80
[  362.294848][ T8120]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.294866][ T8120] 
[  362.294866][ T8120] other info that might help us debug this:
[  362.294866][ T8120] 
[  362.294870][ T8120] Chain exists of:
[  362.294870][ T8120]   (console_sem).lock --> &p->pi_lock --> &rq->__lock
[  362.294870][ T8120] 
[  362.294889][ T8120]  Possible unsafe locking scenario:
[  362.294889][ T8120] 
[  362.294893][ T8120]        CPU0                    CPU1
[  362.294896][ T8120]        ----                    ----
[  362.294900][ T8120]   lock(&rq->__lock);
[  362.294907][ T8120]                                lock(&p->pi_lock);
[  362.294916][ T8120]                                lock(&rq->__lock);
[  362.294924][ T8120]   lock((console_sem).lock);
[  362.294931][ T8120] 
[  362.294931][ T8120]  *** DEADLOCK ***
[  362.294931][ T8120] 
[  362.294934][ T8120] 3 locks held by syz.3.693/8120:
[  362.294943][ T8120]  #0: ffffffff8fa17fa8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0
[  362.294978][ T8120]  #1: ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  362.295016][ T8120]  #2: ffffffff8ddb94a0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x1d6/0x5a0
[  362.295049][ T8120] 
[  362.295049][ T8120] stack backtrace:
[  362.295054][ T8120] CPU: 3 UID: 0 PID: 8120 Comm: syz.3.693 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  362.295071][ T8120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  362.295080][ T8120] Call Trace:
[  362.295086][ T8120]  <TASK>
[  362.295092][ T8120]  dump_stack_lvl+0x116/0x1f0
[  362.295110][ T8120]  check_noncircular+0x31a/0x400
[  362.295131][ T8120]  ? __pfx_check_noncircular+0x10/0x10
[  362.295150][ T8120]  ? __pfx__prb_read_valid+0x10/0x10
[  362.295167][ T8120]  ? __pfx_format_decode+0x10/0x10
[  362.295190][ T8120]  ? lockdep_lock+0xc6/0x200
[  362.295206][ T8120]  ? __pfx_lockdep_lock+0x10/0x10
[  362.295221][ T8120]  ? vsnprintf+0x40f/0x1870
[  362.295245][ T8120]  __lock_acquire+0x24ed/0x3cb0
[  362.295268][ T8120]  ? __pfx___lock_acquire+0x10/0x10
[  362.295287][ T8120]  ? vprintk_store+0x222/0xbb0
[  362.295310][ T8120]  lock_acquire+0x1b1/0x560
[  362.295329][ T8120]  ? down_trylock+0x12/0x70
[  362.295351][ T8120]  ? __pfx_lock_acquire+0x10/0x10
[  362.295372][ T8120]  ? hlock_class+0x4e/0x130
[  362.295389][ T8120]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  362.295410][ T8120]  ? vprintk+0x7f/0xa0
[  362.295425][ T8120]  _raw_spin_lock_irqsave+0x3a/0x60
[  362.295443][ T8120]  ? down_trylock+0x12/0x70
[  362.295464][ T8120]  down_trylock+0x12/0x70
[  362.295487][ T8120]  __down_trylock_console_sem+0x40/0x140
[  362.295516][ T8120]  vprintk_emit+0x3d3/0x600
[  362.295533][ T8120]  vprintk+0x7f/0xa0
[  362.295549][ T8120]  _printk+0xc8/0x100
[  362.295569][ T8120]  ? __pfx__printk+0x10/0x10
[  362.295589][ T8120]  ? map_id_up+0x282/0x370
[  362.295613][ T8120]  ? ___ratelimit+0x24c/0x580
[  362.295637][ T8120]  ? __pfx_map_id_up+0x10/0x10
[  362.295659][ T8120]  ? __pfx____ratelimit+0x10/0x10
[  362.295687][ T8120]  should_fail_ex+0x46c/0x5b0
[  362.295707][ T8120]  copy_to_user_nofault+0x9f/0x1a0
[  362.295729][ T8120]  bpf_probe_write_user+0xaf/0xf0
[  362.295746][ T8120]  bpf_prog_c7763bb3f68e5cb3+0x40/0x42
[  362.295758][ T8120]  bpf_trace_run4+0x245/0x5a0
[  362.295778][ T8120]  ? __pfx_bpf_trace_run4+0x10/0x10
[  362.295799][ T8120]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  362.295823][ T8120]  __traceiter_sched_switch+0x6c/0xc0
[  362.295847][ T8120]  __schedule+0x17cf/0x5490
[  362.295866][ T8120]  ? is_bpf_text_address+0x8a/0x1a0
[  362.295885][ T8120]  ? __pfx_lock_release+0x10/0x10
[  362.295906][ T8120]  ? stack_access_ok+0xf9/0x270
[  362.295920][ T8120]  ? __module_address+0x55/0x3c0
[  362.295945][ T8120]  ? __pfx___schedule+0x10/0x10
[  362.295965][ T8120]  ? mark_held_locks+0x9f/0xe0
[  362.295990][ T8120]  ? preempt_schedule_thunk+0x1a/0x30
[  362.296007][ T8120]  preempt_schedule_common+0x44/0xc0
[  362.296028][ T8120]  preempt_schedule_thunk+0x1a/0x30
[  362.296045][ T8120]  ? unwind_next_frame+0x11ff/0x23a0
[  362.296060][ T8120]  ? unwind_next_frame+0x1c8b/0x23a0
[  362.296075][ T8120]  unwind_next_frame+0x1c90/0x23a0
[  362.296091][ T8120]  ? __sys_sendmsg+0x117/0x1f0
[  362.296115][ T8120]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  362.296133][ T8120]  arch_stack_walk+0x100/0x170
[  362.296152][ T8120]  ? __do_fast_syscall_32+0x73/0x120
[  362.296176][ T8120]  stack_trace_save+0x95/0xd0
[  362.296193][ T8120]  ? __pfx_stack_trace_save+0x10/0x10
[  362.296210][ T8120]  ? hlock_class+0x4e/0x130
[  362.296228][ T8120]  kasan_save_stack+0x33/0x60
[  362.296244][ T8120]  ? kasan_save_stack+0x33/0x60
[  362.296259][ T8120]  ? kasan_save_track+0x14/0x30
[  362.296273][ T8120]  ? __kasan_kmalloc+0xaa/0xb0
[  362.296288][ T8120]  ? rtnl_newlink+0x49/0xa0
[  362.296306][ T8120]  ? rtnetlink_rcv_msg+0x3c7/0xea0
[  362.296324][ T8120]  ? netlink_rcv_skb+0x165/0x410
[  362.296347][ T8120]  ? netlink_unicast+0x53c/0x7f0
[  362.296370][ T8120]  ? netlink_sendmsg+0x8b8/0xd70
[  362.296392][ T8120]  ? ____sys_sendmsg+0x9b4/0xb50
[  362.296407][ T8120]  ? ___sys_sendmsg+0x135/0x1e0
[  362.296427][ T8120]  ? __sys_sendmsg+0x117/0x1f0
[  362.296464][ T8120]  kasan_save_track+0x14/0x30
[  362.296479][ T8120]  __kasan_kmalloc+0xaa/0xb0
[  362.296495][ T8120]  rtnl_newlink+0x49/0xa0
[  362.296519][ T8120]  ? __pfx_rtnl_newlink+0x10/0x10
[  362.296539][ T8120]  rtnetlink_rcv_msg+0x3c7/0xea0
[  362.296558][ T8120]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.296577][ T8120]  ? __pfx___dev_queue_xmit+0x10/0x10
[  362.296599][ T8120]  netlink_rcv_skb+0x165/0x410
[  362.296623][ T8120]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.296642][ T8120]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  362.296672][ T8120]  ? netlink_deliver_tap+0x1ae/0xcf0
[  362.296697][ T8120]  netlink_unicast+0x53c/0x7f0
[  362.296721][ T8120]  ? __pfx_netlink_unicast+0x10/0x10
[  362.296745][ T8120]  ? __phys_addr_symbol+0x30/0x80
[  362.296760][ T8120]  ? __check_object_size+0x497/0x720
[  362.296783][ T8120]  netlink_sendmsg+0x8b8/0xd70
[  362.296806][ T8120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.296828][ T8120]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.296852][ T8120]  ____sys_sendmsg+0x9b4/0xb50
[  362.296867][ T8120]  ? __pfx_____sys_sendmsg+0x10/0x10
[  362.296882][ T8120]  ? get_compat_msghdr+0x11b/0x170
[  362.296905][ T8120]  ? __pfx___lock_acquire+0x10/0x10
[  362.296925][ T8120]  ___sys_sendmsg+0x135/0x1e0
[  362.296947][ T8120]  ? __pfx____sys_sendmsg+0x10/0x10
[  362.296973][ T8120]  ? ksys_write+0x21c/0x260
[  362.296997][ T8120]  ? __fget_light+0x173/0x210
[  362.297017][ T8120]  __sys_sendmsg+0x117/0x1f0
[  362.297038][ T8120]  ? __pfx___sys_sendmsg+0x10/0x10
[  362.297067][ T8120]  __do_fast_syscall_32+0x73/0x120
[  362.297090][ T8120]  do_fast_syscall_32+0x32/0x80
[  362.297112][ T8120]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.297130][ T8120] RIP: 0023:0xf740e579
[  362.297142][ T8120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  362.297157][ T8120] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  362.297171][ T8120] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000600
[  362.297206][ T8120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  362.297216][ T8120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  362.297225][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  362.297235][ T8120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  362.297251][ T8120]  </TASK>
[  362.803512][ T8120] CPU: 3 UID: 0 PID: 8120 Comm: syz.3.693 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  362.807983][ T8120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  362.812097][ T8120] Call Trace:
[  362.813404][ T8120]  <TASK>
[  362.814704][ T8120]  dump_stack_lvl+0x116/0x1f0
[  362.816737][ T8120]  should_fail_ex+0x497/0x5b0
[  362.818865][ T8120]  copy_to_user_nofault+0x9f/0x1a0
[  362.821133][ T8120]  bpf_probe_write_user+0xaf/0xf0
[  362.823399][ T8120]  bpf_prog_c7763bb3f68e5cb3+0x40/0x42
[  362.825818][ T8120]  bpf_trace_run4+0x245/0x5a0
[  362.827863][ T8120]  ? __pfx_bpf_trace_run4+0x10/0x10
[  362.830151][ T8120]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  362.833101][ T8120]  __traceiter_sched_switch+0x6c/0xc0
[  362.835500][ T8120]  __schedule+0x17cf/0x5490
[  362.837449][ T8120]  ? is_bpf_text_address+0x8a/0x1a0
[  362.839474][ T8120]  ? __pfx_lock_release+0x10/0x10
[  362.841456][ T8120]  ? stack_access_ok+0xf9/0x270
[  362.843318][ T8120]  ? __module_address+0x55/0x3c0
[  362.846406][ T8120]  ? __pfx___schedule+0x10/0x10
[  362.848538][ T8120]  ? mark_held_locks+0x9f/0xe0
[  362.850676][ T8120]  ? preempt_schedule_thunk+0x1a/0x30
[  362.853028][ T8120]  preempt_schedule_common+0x44/0xc0
[  362.855386][ T8120]  preempt_schedule_thunk+0x1a/0x30
[  362.858143][ T8120]  ? unwind_next_frame+0x11ff/0x23a0
[  362.860971][ T8120]  ? unwind_next_frame+0x1c8b/0x23a0
[  362.863315][ T8120]  unwind_next_frame+0x1c90/0x23a0
[  362.865643][ T8120]  ? __sys_sendmsg+0x117/0x1f0
[  362.867756][ T8120]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  362.870470][ T8120]  arch_stack_walk+0x100/0x170
[  362.872611][ T8120]  ? __do_fast_syscall_32+0x73/0x120
[  362.874950][ T8120]  stack_trace_save+0x95/0xd0
[  362.877031][ T8120]  ? __pfx_stack_trace_save+0x10/0x10
[  362.879415][ T8120]  ? hlock_class+0x4e/0x130
[  362.882491][ T8120]  kasan_save_stack+0x33/0x60
[  362.884581][ T8120]  ? kasan_save_stack+0x33/0x60
[  362.886674][ T8120]  ? kasan_save_track+0x14/0x30
[  362.888833][ T8120]  ? __kasan_kmalloc+0xaa/0xb0
[  362.890934][ T8120]  ? rtnl_newlink+0x49/0xa0
[  362.892964][ T8120]  ? rtnetlink_rcv_msg+0x3c7/0xea0
[  362.895350][ T8120]  ? netlink_rcv_skb+0x165/0x410
[  362.897568][ T8120]  ? netlink_unicast+0x53c/0x7f0
[  362.899674][ T8120]  ? netlink_sendmsg+0x8b8/0xd70
[  362.901601][ T8120]  ? ____sys_sendmsg+0x9b4/0xb50
[  362.903178][ T8120]  ? ___sys_sendmsg+0x135/0x1e0
[  362.904732][ T8120]  ? __sys_sendmsg+0x117/0x1f0
[  362.906548][ T8120]  kasan_save_track+0x14/0x30
[  362.908293][ T8120]  __kasan_kmalloc+0xaa/0xb0
[  362.910095][ T8120]  rtnl_newlink+0x49/0xa0
[  362.911546][ T8120]  ? __pfx_rtnl_newlink+0x10/0x10
[  362.913252][ T8120]  rtnetlink_rcv_msg+0x3c7/0xea0
[  362.915197][ T8120]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.917490][ T8120]  ? __pfx___dev_queue_xmit+0x10/0x10
[  362.919746][ T8120]  netlink_rcv_skb+0x165/0x410
[  362.921626][ T8120]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.924084][ T8120]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  362.926431][ T8120]  ? netlink_deliver_tap+0x1ae/0xcf0
[  362.928761][ T8120]  netlink_unicast+0x53c/0x7f0
[  362.930905][ T8120]  ? __pfx_netlink_unicast+0x10/0x10
[  362.933196][ T8120]  ? __phys_addr_symbol+0x30/0x80
[  362.935380][ T8120]  ? __check_object_size+0x497/0x720
[  362.937606][ T8120]  netlink_sendmsg+0x8b8/0xd70
[  362.939513][ T8120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.942118][ T8120]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  362.944413][ T8120]  ____sys_sendmsg+0x9b4/0xb50
[  362.946670][ T8120]  ? __pfx_____sys_sendmsg+0x10/0x10
[  362.948930][ T8120]  ? get_compat_msghdr+0x11b/0x170
[  362.951158][ T8120]  ? __pfx___lock_acquire+0x10/0x10
[  362.953448][ T8120]  ___sys_sendmsg+0x135/0x1e0
[  362.955541][ T8120]  ? __pfx____sys_sendmsg+0x10/0x10
[  362.957799][ T8120]  ? ksys_write+0x21c/0x260
[  362.959716][ T8120]  ? __fget_light+0x173/0x210
[  362.961678][ T8120]  __sys_sendmsg+0x117/0x1f0
[  362.963659][ T8120]  ? __pfx___sys_sendmsg+0x10/0x10
[  362.965816][ T8120]  __do_fast_syscall_32+0x73/0x120
[  362.968003][ T8120]  do_fast_syscall_32+0x32/0x80
[  362.970044][ T8120]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.972669][ T8120] RIP: 0023:0xf740e579
[  362.974435][ T8120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  362.982198][ T8120] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  362.985634][ T8120] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000600
[  362.988531][ T8120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  362.991671][ T8120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  362.994734][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  362.997775][ T8120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  363.000789][ T8120]  </TASK>
[  363.002209][    C3] vkms_vblank_simulate: vblank timer overrun
[  363.011309][ T8120] netlink: 'syz.3.693': attribute type 10 has an invalid length.
[  363.021986][ T8120] team0: Port device wlan1 added
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  363.278847][ T8123] nbd1: detected capacity change from 0 to 22
[  363.282981][ T8123] block nbd1: shutting down sockets
[  363.310638][   T51] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.314333][   T51] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.317689][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.325562][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.332739][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.336597][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.339883][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.342905][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.345941][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.350577][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.355531][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.359379][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.362207][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.365936][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.369957][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.373748][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.376976][ T7949] ldm_validate_partition_table(): Disk read failed.
[  363.380248][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.384020][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.387038][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.391995][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read
[  363.395237][ T7949] Dev nbd1: unable to read RDB block 0
[  363.397539][ T7949]  nbd1: unable to read partition table
[  363.400722][ T7949] nbd1: partition table beyond EOD, truncated
[  363.413018][ T7949] ldm_validate_partition_table(): Disk read failed.
[  363.422895][ T7949] Dev nbd1: unable to read RDB block 0
[  363.425372][ T7949]  nbd1: unable to read partition table
[  363.427862][ T7949] nbd1: partition table beyond EOD, truncated
[  363.791588][ T1104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.915038][ T1104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.016634][ T1104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.046015][ T7259] syz-executor (7259) used greatest stack depth: 19712 bytes left
[  364.107467][ T1104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.245590][ T1104] bridge_slave_1: left allmulticast mode
[  364.247824][ T1104] bridge_slave_1: left promiscuous mode
[  364.252084][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.256652][ T1104] bridge_slave_0: left allmulticast mode
[  364.261564][ T1104] bridge_slave_0: left promiscuous mode
[  364.264036][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.574411][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  364.584291][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.595007][ T1104] bond0 (unregistering): Released all slaves
[  364.603216][ T1104] bond1 (unregistering): Released all slaves
[  364.686650][ T1104] tipc: Disabling bearer <udp:syz2>
[  364.689721][ T1104] tipc: Left network mode
[  365.046441][ T1104] hsr_slave_0: left promiscuous mode
[  365.050858][ T1104] hsr_slave_1: left promiscuous mode
[  365.054722][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  365.057974][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  365.070284][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  365.073054][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  365.084534][ T1104] veth1_macvtap: left promiscuous mode
[  365.086505][ T1104] veth0_macvtap: left promiscuous mode
[  365.088847][ T1104] veth1_vlan: left promiscuous mode
[  365.090659][ T1104] veth0_vlan: left promiscuous mode
[  365.501492][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  365.560382][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  366.557289][ T1104] IPVS: stop unused estimator thread 0...
[  366.682350][ T1104] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.796050][ T1104] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.882598][ T1104] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.971759][ T1104] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.121793][ T1104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.220027][ T1104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.286154][ T1104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.370163][ T1104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.500637][ T1104] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.602303][ T1104] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.749256][ T1104] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.833189][ T1104] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.940516][ T1104] bridge_slave_1: left allmulticast mode
[  367.942836][ T1104] bridge_slave_1: left promiscuous mode
[  367.945292][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.954089][ T1104] bridge_slave_0: left allmulticast mode
[  367.956621][ T1104] bridge_slave_0: left promiscuous mode
[  367.962256][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.973396][ T1104] bridge_slave_1: left allmulticast mode
[  367.975581][ T1104] bridge_slave_1: left promiscuous mode
[  367.981208][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.986193][ T1104] bridge_slave_0: left allmulticast mode
[  367.988098][ T1104] bridge_slave_0: left promiscuous mode
[  367.991926][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.999822][ T1104] bridge_slave_1: left allmulticast mode
[  368.002057][ T1104] bridge_slave_1: left promiscuous mode
[  368.004370][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.011714][ T1104] bridge_slave_0: left allmulticast mode
[  368.013981][ T1104] bridge_slave_0: left promiscuous mode
[  368.016370][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.637881][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  368.647370][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  368.657017][ T1104] bond0 (unregistering): Released all slaves
[  368.685918][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  368.694161][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  368.704712][ T1104] bond0 (unregistering): Released all slaves
[  368.727886][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  368.735620][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  368.744349][ T1104] bond0 (unregistering): Released all slaves
[  369.282767][ T1104] team0: Port device wlan1 removed
[  369.693846][ T1104] hsr_slave_0: left promiscuous mode
[  369.698030][ T1104] hsr_slave_1: left promiscuous mode
[  369.702202][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.705429][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.711080][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.714514][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.728829][ T1104] hsr_slave_0: left promiscuous mode
[  369.731937][ T1104] hsr_slave_1: left promiscuous mode
[  369.735251][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.741622][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.746059][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.749769][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.758261][ T1104] hsr_slave_0: left promiscuous mode
[  369.768116][ T1104] hsr_slave_1: left promiscuous mode
[  369.773769][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.776989][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.783871][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.787081][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.798215][ T1104] veth1_macvtap: left promiscuous mode
[  369.801736][ T1104] veth0_macvtap: left promiscuous mode
[  369.804218][ T1104] veth1_vlan: left promiscuous mode
[  369.806465][ T1104] veth0_vlan: left promiscuous mode
[  369.811253][ T1104] veth1_macvtap: left promiscuous mode
[  369.813511][ T1104] veth0_macvtap: left promiscuous mode
[  369.815813][ T1104] veth1_vlan: left promiscuous mode
[  369.818176][ T1104] veth0_vlan: left promiscuous mode
[  369.824378][ T1104] veth1_macvtap: left promiscuous mode
[  369.826849][ T1104] veth0_macvtap: left promiscuous mode
[  369.829336][ T1104] veth1_vlan: left promiscuous mode
[  369.831577][ T1104] veth0_vlan: left promiscuous mode
[  370.540230][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  370.605076][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  371.184266][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  371.265161][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  372.111130][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  372.192571][ T1104] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
07:24:47  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90004537b60 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff84b233a4 RDI=ffffc90004537b60 RBP=ffffffff84b23390 RSP=ffffc90000007f60
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=000000000005d25e
R12=0000000000000000 R13=dffffc0000000000 R14=ffffc90004097b20 R15=ffffc90004537b28
RIP=ffffffff84b233cd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000025016c64 CR3=0000000053096000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000003 RBX=ffffc90004097ba0 RCX=1ffffffff202432f RDX=dffffc0000000000
RSI=ffffffff8b4c9540 RDI=ffffffff932020e0 RBP=ffffffff9a28e160 RSP=ffffc90004097a60
R8 =0000000000000002 R9 =0000000000000000 R10=ffffc90004097b60 R11=0000000000000001
R12=ffffffff932020e0 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81696fb1 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000025016c64 CR3=00000000623a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000087000000000 0000000d00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813be4ae RDX=ffff88801f77c880
RSI=ffffffff813be4cb RDI=0000000000000000 RBP=ffff88802b83edc0 RSP=ffffc90000e1f8d8
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=00000000fe4196ef
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b83fc80 R15=ffffed1005707db8
RIP=ffffffff813be4cc RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000025016c64 CR3=00000000669e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc2445 RDI=ffffffff9a516640 RBP=ffffffff9a516600 RSP=ffffc90039216a48
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fc23e0 R15=0000000000000000
RIP=ffffffff84fc246f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000025016c64 CR3=0000000056ea8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000